Re: Failed assertion due to procedure created with SECURITY DEFINER option
Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
From: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
To: "Jonathan S. Katz" <jonathan.katz@excoventures.com>
Cc: Andres Freund <andres@anarazel.de>, amul sul <sulamul@gmail.com>,
PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2018-07-13T08:46:27Z
Lists: pgsql-hackers
On 12.07.18 21:52, Jonathan S. Katz wrote: > So it handles it as expected. Committed. > Code and test cases look fine to me from what I can tell. My only suggestion > would be if we could add some guidance to the documentation on what > languages > can support transaction control statements inside procedures with a SECURITY > DEFINER. The documentation change is in the CREATE PROCEDURE ref page, since it's independent of any language. -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
Commits
-
Prohibit transaction commands in security definer procedures
- 3804e89bd0e9 11.0 landed
- 3884072329bd 12.0 landed