PG-518: Drop the internal function permission from PUBLIC.
It will be a security problem to provide the internal function access to PUBLIC. This commit will revoke all permission of internal functions from PUBLIC.pull/314/head
Ibrar Ahmed
parent
40afdce2eb
commit
a392c98b5c
|
|
@ -271,6 +271,11 @@ $$
|
|||
$$ LANGUAGE plpgsql;
|
||||
|
||||
SELECT pgsm_create_view();
|
||||
REVOKE ALL ON FUNCTION range FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION get_cmd_type FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION pg_stat_monitor_settings FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION decode_error_level FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION pg_stat_monitor_internal FROM PUBLIC;
|
||||
|
||||
GRANT SELECT ON pg_stat_monitor TO PUBLIC;
|
||||
|
||||
|
|
|
|||
|
|
@ -387,5 +387,12 @@ $$ LANGUAGE plpgsql;
|
|||
|
||||
SELECT pgsm_create_view();
|
||||
|
||||
REVOKE ALL ON FUNCTION range FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION get_state FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION get_cmd_type FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION pg_stat_monitor_settings FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION decode_error_level FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION pg_stat_monitor_internal FROM PUBLIC;
|
||||
|
||||
GRANT SELECT ON pg_stat_monitor TO PUBLIC;
|
||||
|
||||
|
|
|
|||
|
|
@ -366,6 +366,11 @@ $$
|
|||
$$ LANGUAGE plpgsql;
|
||||
|
||||
SELECT pgsm_create_view();
|
||||
REVOKE ALL ON FUNCTION range FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION get_cmd_type FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION pg_stat_monitor_settings FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION decode_error_level FROM PUBLIC;
|
||||
REVOKE ALL ON FUNCTION pg_stat_monitor_internal FROM PUBLIC;
|
||||
|
||||
GRANT SELECT ON pg_stat_monitor TO PUBLIC;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue