Restricting Direct Access to a C Function in PostgreSQL
| От | Ayush Vatsa |
|---|---|
| Тема | Restricting Direct Access to a C Function in PostgreSQL |
| Дата | |
| Msg-id | CACX+KaNZvPiki5BgF-z14h+SG-rjerm=J0rs8M3nkBTB=xVwog@mail.gmail.com обсуждение исходный текст |
| Ответы |
Re: Restricting Direct Access to a C Function in PostgreSQL
|
| Список | pgsql-hackers |
Hi PostgreSQL Community,
I have a scenario where I am working with two functions: one in SQL and another in C, where the SQL function is a wrapper around C function. Here’s an example:
CREATE OR REPLACE FUNCTION my_func(IN input text)
RETURNS BIGINT AS $$
DECLARE result BIGINT;
BEGIN SELECT col2 INTO result FROM my_func_extended(input); RETURN result;
END;
$$ LANGUAGE plpgsql;
CREATE OR REPLACE FUNCTION my_func_extended( IN input text, OUT col1 text, OUT col2 BIGINT
)
RETURNS SETOF record
AS 'MODULE_PATHNAME', 'my_func_extended'
LANGUAGE C STRICT PARALLEL SAFE;
I need to prevent direct execution of my_func_extended from psql while still allowing it to be called from within the wrapper function my_func.
I’m considering the following options:
- Using GRANT/REVOKE in SQL to manage permissions.
- Adding a check in the C function to allow execution only if
my_funcis in the call stack (previous parent or something), and otherwise throwing an error.
Is there an existing approach to achieve this, or would you recommend a specific solution?
Best regards,
Ayush Vatsa
AWS
В списке pgsql-hackers по дате отправления: