First, I asked about this on #postgresql, and I realize that this request
would be a low priority item.  Yet, it would be an improvement for security

When creating a function using EXTERNAL SECURITY DEFINER, by default PUBLIC
has execute privileges on it.  That's unexpected given that when I create a
new table, PUBLIC doesn't have any privileges on it.  It's also not a secure

My request is to allow changing default permissions for function creation, a
la "umask", or at least not give PUBLIC execute permissions by default.  I
am aware that it is possible to wrap the create function statement with the
necessary grants/revokes inside a transaction, as a work-around, but it is
not obvious and makes things unnecessarily inconvenient.  This increases the
chances of beginner and even medium-skill admins to get their security

Pascal Meunier
Purdue University CERIAS

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
       choose an index scan if your joining column's datatypes do not

Reply via email to