|
|
Re: Bugs with rules on views/tables: permission denied: msg#00119db.postgresql.bugs
"Donald Fraser" <demolish@xxxxxxxxx> writes: > As USER chkrule do: > Bugs=3D> INSERT INTO vu_tbl_test (id, s_text) VALUES('1','sometext'); > ERROR: vu_tbl_test: permission denied What I get is ERROR: test_func: permission denied and the needed fix is to grant execute privilege on the function to the calling user. > If you give the USER chkrule UPDATE permissions on the view vu_tbl_test the= > n the error at Scenario 1 goes away. Not for me. The reason it acts this way is that rule permissions apply to tables mentioned in the rule, not to functions. This is at least partly for historical reasons: functions didn't have permissions to check, back when the rule system was designed. But I'm not sure that it's wrong. In your example, the end user is controlling the arguments given to test_func. If the rule allowed him to call test_func without having permission to do so, there'd be the potential for security breaches. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/users-lounge/docs/faq.html |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: Bugs with rules on views/tables: permission denied: 00119, Donald Fraser |
|---|---|
| Next by Date: | Re: Bugs with rules on views/tables: permission denied: 00119, Donald Fraser |
| Previous by Thread: | Re: Bugs with rules on views/tables: permission deniedi: 00119, Donald Fraser |
| Next by Thread: | Re: Bugs with rules on views/tables: permission denied: 00119, Donald Fraser |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |