Peter Eisentraut wrote:
Thomas Hallgren wrote:
Is there a way to bypass security checks that retains the SQL parser?
I'd like my C-code to do something like:
impersonate pgadmin
SELECT image from class_table
revert to self
You can use GetUserId() and SetUserId() to flip the current user
identity around as you like. For such a simple query, however, it
might seem better to bypass SPI altogether and do a straight table
lookup through lower-level functions.
Brilliant! I had no idea it was that simple. SetUserId seems to be
extremely lightweight and just what I need. By using it, I can let my
ClassLoader execute with other restrictions than the function caller
(bypassing SPI is not so good for me since the loader is fairly complex
and will access more than one table).
Thanks for the advice,
Thomas Hallgren
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
