Excerpts from Dave Fennell's message of vie jun 24 10:48:40 -0400 2011:
> Not sure if this is a bug or possibly just undocumented (or unclearly
> documented) behaviour but the interaction of functions defined as "security
> definer" and functions defined as "security invoker" is not what I would
>
"Dave Fennell" writes:
> I would expect that if a function defined as "security definer" calls a
> function defined as "security invoker" the "invoker" role used would be the
> "definer" of the first function?
So would I.
> However it appears that the *actual*
> invoker (current user) is used.
The following bug has been logged online:
Bug reference: 6076
Logged by: Dave Fennell
Email address: d...@microtux.co.uk
PostgreSQL version: 9.1 (beta2)
Operating system: Linux Debian 64bit
Description:Unexpected "Security Definer / invoker" interaction
Details:
Hi
