
"security definer" not being set when function replaced

I may have found a bug.

I have a table:

    CREATE TABLE onlpcd_stat
    (
        sel BIGSERIAL PRIMARY KEY,
        user_id INTEGER NOT NULL REFERENCES onlpcd_user ON DELETE CASCADE,
        vars TEXT, /* string of Perl var hash */
        cre_ts TIMESTAMP DEFAULT NOW()
    );

Defined by user 'dba' and executed by the function:

    -- return a selector for a state from onlpcd_stat
    -- pass in user and var string
    CREATE OR REPLACE FUNCTION
    fn_onlpcd_get_sel(onlpcd_stat.user_id%TYPE, onlpcd_stat.vars%TYPE)
    RETURNS onlpcd_stat.sel%TYPE AS '
    DECLARE
        -- selector we will return
        r_sel onlpcd_stat.sel%TYPE;
        -- user passed in vars
        v_uid ALIAS for $1;
        v_var ALIAS for $2;
    BEGIN
        -- do not recycle selectors -- it helps
        -- avoid browser caching problems
        -- get next sel value
        SELECT INTO r_sel NEXTVAL(''onlpcd_stat_sel_seq'');

        -- make an entry
        INSERT INTO onlpcd_stat (sel, user_id, vars)
        VALUES (r_sel, v_uid, v_var);

        RETURN r_sel;
    END;
    ' LANGUAGE plpgsql;
    GRANT EXECUTE ON FUNCTION
    fn_onlpcd_get_sel(onlpcd_stat.user_id%TYPE, onlpcd_stat.vars%TYPE)
    TO nobody;

Also defined by 'dba', but run by the web server, 'nobody.'

When I type:

    psql -U nobody -c "select fn_onlpcd_get_sel(2, 'test')"

It responds with:

    ERROR: permission denied for sequence onlpcd_stat_sel_seq
    CONTEXT: PL/pgSQL function "fn_onlpcd_get_sel" line 11 at select into variables

So far, so good.

If I put "SECURITY DEFINER" in the definition and redefine it, I get the
same problem.

However, if I drop the function, then define it again, all is well.

Marty

Nov 23 '05 #1
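One way to confirm whether the SECURITY DEFINER flag actually reached the catalog after a CREATE OR REPLACE, using the object names from the post. This is an added example, not part of the original post; it assumes a PostgreSQL release that provides has_sequence_privilege() and ALTER FUNCTION ... SECURITY DEFINER, and it assumes the %TYPE arguments resolve to (integer, text) as the table definition implies.

```sql
-- Added example (not from the original post). Run as the function owner or a superuser.

-- 1. Is the flag set on the stored function, and whose rights would it run with?
--    prosecdef = true means the body executes with the owner's privileges.
SELECT p.oid::regprocedure         AS function_signature,
       pg_get_userbyid(p.proowner) AS owner,
       p.prosecdef                 AS security_definer
FROM   pg_proc p
WHERE  p.proname = 'fn_onlpcd_get_sel';

-- 2. What can the calling role do on its own? With a working SECURITY DEFINER
--    function, 'nobody' needs only EXECUTE; the other two columns should stay false.
SELECT has_function_privilege('nobody', 'fn_onlpcd_get_sel(integer, text)', 'EXECUTE') AS can_execute,
       has_sequence_privilege('nobody', 'onlpcd_stat_sel_seq', 'USAGE')              AS seq_usage,
       has_table_privilege('nobody', 'onlpcd_stat', 'INSERT')                        AS table_insert;

-- 3. If security_definer is false after the replace, set the flag in place.
--    Unlike DROP + CREATE, this keeps the same function object, so existing
--    GRANTs on it are preserved.
ALTER FUNCTION fn_onlpcd_get_sel(integer, text) SECURITY DEFINER;

-- 4. EXECUTE is granted to PUBLIC by default on new functions. For a function
--    that runs with the owner's rights, restrict it to the intended caller.
REVOKE EXECUTE ON FUNCTION fn_onlpcd_get_sel(integer, text) FROM PUBLIC;
GRANT  EXECUTE ON FUNCTION fn_onlpcd_get_sel(integer, text) TO nobody;

-- 5. Re-run query 1 to confirm security_definer is now true, then repeat the
--    psql test as 'nobody'.
```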