Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
Permissions on aggregate component functions
- From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
- To: pgsql-hackers(at)postgreSQL(dot)org
- Subject: Permissions on aggregate component functions
- Date: Thu, 27 Jan 2005 15:27:54 -0500
- Message-id: <23863(dot)1106857674(at)sss(dot)pgh(dot)pa(dot)us>
I just noticed that there is no permission check anywhere in CREATE AGGREGATE concerning the aggregate's transition and final functions. This means anyone can trivially bypass the function EXECUTE permission check: just make an aggregate function to call it for you. (Now, this works only for functions whose signature fits what an aggregate expects, but for most one- and two-argument functions you can do it.) Clearly this is a must-fix issue, but I'm wondering exactly where the check should be enforced. Is it sufficient to check at the time of CREATE AGGREGATE that the creator has appropriate rights, or do we need to do it every time the aggregate is used? regards, tom lane
- Follow-Ups:
- Re: Permissions on aggregate component functions
- From: Simon Riggs
- Re: Permissions on aggregate component functions
- From: Bruno Wolff III
- Re: Permissions on aggregate component functions
- Prev by Date: Security Release Packaging ...
- Next by Date: Re: Security Release Packaging ...
- Previous by thread: Security Release Packaging ...
- Next by thread: Re: Permissions on aggregate component functions
- Indexes: