On Fri, Mar 19, 2010 at 10:29 PM, KaiGai Kohei <kai...@kaigai.gr.jp> wrote: > Is it an expected behavior that PostgreSQL tries to execute foo() with > privileges of the owner of language call handler because of its security > definer property? This server crash is just a result.
I'm inclined to feel (and Tom's response only reinforces this) that the actual behavior isn't critical. I'd be happy with (1) executing foo() with the privileges of the language owner or (2) ignoring the SECURITY DEFINER attribute in this context and executing foo() without changing privileges or (3) throwing an error. We should just do whatever complicates the code the least. Your proposed patch seems good from that point of view, though I'm not clear on whether it's otherwise reasonable or which of the above behaviors it actually implements. ...Robert -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
