On 10/16/15 12:51 PM, Andres Freund wrote:
>Hmmm, do you mean essentially skip the "GRANT postgres to joe" and use a
>SECURITY DEFINER C function that does the set role to postgres under the
>covers with "GRANT EXECUTE on FUNCTION elevate_user() to joe"?
Yes.
>Being able to use something like that on existing versions would be
>very nice, but it feels kind of grotty.
Hm. To me it doesn't feel too bad - security definer functions are there
to allow to do things that users would normally not be allowed to do...
Tons of environments can't use C functions, and ignoring that it still
feels ugly.
How much harder would it be to add SET ROLE to event triggers? (Could be
done in conjunction with the hook; they serve different purposes.)
--
Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX
Experts in Analytics, Data Architecture and PostgreSQL
Data in Trouble? Get it in Treble! http://BlueTreble.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
