default EXECUTE privilege - PostgreSQL Database

Sergey Suleymanov

Documentation says "By default, only the owner (creator) of the
function has the right to execute it."

But for me newly created function has execute privilege to
public by default. And we have to execute "revoke execute on
function ... from public". Why?

Version is 7.3.2

--
Sergey Suleymanov

Nov 11 '05 #1

Subscribe Post Reply

1885

Tom Lane

Sergey Suleymanov <so**@eatpbank.ru> writes:

Documentation says "By default, only the owner (creator) of the
function has the right to execute it."
That's a documentation error. Where do you see it exactly? I can't
find such a statement in the current sources.
But for me newly created function has execute privilege to
public by default. And we have to execute "revoke execute on
function ... from public". Why?

We decided that was the most useful default.

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Nov 11 '05 #2

Lincoln Yeoh

Last line just before EXAMPLES
http://www.us.postgresql.org/postgre...efunction.html

Highlighted:
http://216.239.33.104/search?q=cache...hl=en&ie=UTF-8

At 10:48 AM 9/5/2003 -0400, Tom Lane wrote:

Sergey Suleymanov <so**@eatpbank.ru> writes:
Documentation says "By default, only the owner (creator) of the
function has the right to execute it."

That's a documentation error. Where do you see it exactly? I can't
find such a statement in the current sources.
But for me newly created function has execute privilege to
public by default. And we have to execute "revoke execute on
function ... from public". Why?

We decided that was the most useful default.

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Nov 11 '05 #3

Tom Lane

Lincoln Yeoh <ly***@pop.jaring.my> writes:

That's a documentation error. Where do you see it exactly? I can't
find such a statement in the current sources.
Last line just before EXAMPLES
http://www.us.postgresql.org/postgre...efunction.html

Ah. Looks like it's already been removed from the 7.4 docs.

The GRANT reference page does state the situation correctly:

Depending on the type of object, the initial default privileges may
include granting some privileges to PUBLIC. The default is no public
access for tables and schemas; TEMP table creation privilege for
databases; EXECUTE privilege for functions; and USAGE privilege for
languages. The object creator may of course revoke these privileges.

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings

Nov 11 '05 #4

Sergey Suleymanov

>>>>> Tom Lane writes:

Tom> We decided that was the most useful default.

Well, not too useful when "SECURITY DEFINER" is used. Anyway
thank you for explanation.

--
Sergey Suleymanov

Nov 11 '05 #5

Similar topics

What privilege needs to be granted?

by: Ping | last post by:

Hello, Have a wonderful new year! I have oracle 9.2 on XP. There is a table T1 created by user U1 in U1's schema, a synonym S1 created also by U1 to point to T1 in U1's schema, U1 granted...

Oracle Database

read-only 'Process_priv' privilege?

by: Chris Callahan | last post by:

Greetings: Long time reader, first time poster. Here we go: ==Specific question: Does there exist in MySQL a privilege configuration which will allow an account to issue `SHOW MASTER...

MySQL Database

privilege unstable

by: Fei Peng | last post by:

>Description: High Resolution Science Imaging experiment(HiRISE) project for one of important instrument on MRO spacecraft which will be launched to MAR in 2005 are using MySQL server 4.0.13 as...

MySQL Database

how to create a default tablespace

by: Pattnayak | last post by:

Hi, when i am trying to create a table in Db2, and specifies the tablespace as default,it gives an error saying "There is no default tablespace".Can anybody please help me out to assign a...

DB2 Database

'EXECUTE PERMISSION DENIED' on executing Sproc

by: Mike L. | last post by:

Hi, I got this 'EXECUTE permission denied on object <mySproc>' error message everytime I try executing my SQL server Sproc. What's this and how to fix this err? many thnaks in advance, mike

ASP.NET

Upcoming events

by: Bruce Momjian | last post by:

I have events in the next few weeks in New York City, Copenhagen, Paris, and Atlanta. Check the News section on the web site for more information. I will also be in Amsterdam February 2-3, though...

PostgreSQL Database

Account privilege requirements to execute CREATE DATABASE.

by: aPRSComp | last post by:

Which account privileges are required to execute CREATE DATABASE ? Are the minimum required privileges or does MySQL user must have ALL privileges to execute CREATE DATABASE ? Peter

MySQL Database

A required privilege is not held by the client

by: Parv | last post by:

I am impersoanting a user to an other domain. But while doing so i am getting A required privilege is not held by the client exception. I have tried with aal possible usernames and passwords...

C# / C Sharp

Unable to grant execute privilege (Urgent)

by: shsandeep | last post by:

I 'recreated' a stored procedure. Earlier, i had given privileges to a particular group but now (after rebuilding) when I try to grant execute privilege for the SP to the same user group, it...

DB2 Database

How to turn on java script in a villaon keypad mobile phone

by: Charles Arthur | last post by:

How do i turn on java script on a villaon, callus and itel keypad mobile phone

Java

Batch import of multiple excel files into the database

by: ryjfgjl | last post by:

If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...

Data Management

Migrating Website to Cloud - Emmanuel Katto

by: emmanuelkatto | last post by:

Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel

General

Navigating the Data Structures and Algorithms (DSA)

by: BarryA | last post by:

What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...

Algorithms / Advanced Math

Looking to do Android software development, any suggestions? Is flutter better?

by: nemocccc | last post by:

hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?

General

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...

Windows Server

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...

C / C++

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...

Online Marketing

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...

Windows Server