> If you want to confirm what the documentation says create a custom operator/function that alex is not permitted to execute and have them query a view defined by postgres that uses that function.Thanks for the suggestion, it helped and I found out alex could not execute the view as it didn't have privileges for the function associated with operator
But a small doubt arises here I have to revoke the execution of the function using the command
REVOKE ALL ON ALL FUNCTIONS IN SCHEMA public from public;
but when I tried
REVOKE EXECUTE ON FUNCTION text_equals(text,text) FROM alex;
or
REVOKE ALL ON FUNCTION text_equals(text,text) FROM alex;
It didn't work i.e alex can still execute text_equals function. Why is it so?
Thanks
Ayush Vatsa
SDE AWS
but who will execute the
> underlying function inside the ( > ) operator ? Is it postgres or alex?
I'm reasonably confident that all the built-in functions are security invoker. Not that a pure function like greater-than really cares.
David J.