Re: Failed assertion due to procedure created with SECURITY DEFINER option

Peter Eisentraut <peter.eisentraut@2ndquadrant.com>

From: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
To: "Jonathan S. Katz" <jonathan.katz@excoventures.com>
Cc: Andres Freund <andres@anarazel.de>, amul sul <sulamul@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2018-07-13T08:46:27Z
Lists: pgsql-hackers
On 12.07.18 21:52, Jonathan S. Katz wrote:
> So it handles it as expected.

Committed.

> Code and test cases look fine to me from what I can tell. My only suggestion
> would be if we could add some guidance to the documentation on what
> languages
> can support transaction control statements inside procedures with a SECURITY
> DEFINER.

The documentation change is in the CREATE PROCEDURE ref page, since it's
independent of any language.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services


Commits

  1. Prohibit transaction commands in security definer procedures