I want to revoke the administrator or executive functions to a specific user in Postgres in user creation in java.
for example, let's have a user with read-only privileges "readonlyuser" and I don't want him to execute these functions. So I tried below to revoke, first all functions and then pg_sleep alone.
REVOKE EXECUTE ON FUNCTIONS FROM readonlyuser, public;
REVOKE EXECUTE ON FUNCTION pg_sleep FROM readonlyuser;
like below,
String sql = "CREATE USER 'readonlyuser' WITH ENCRYPTED PASSWORD 'pass';";
Statement stmt = connection.createStatement();
stmt.execute(sql);
stmt.execute("REVOKE EXECUTE ON FUNCTIONS FROM 'readonlyuser', public");
or
stmt.execute("REVOKE EXECUTE ON FUNCTION pg_sleep FROM readonlyuser;");
But still, I can able to execute functions from readonlyuser.
please, help me out to know how can I achieve this.
CodePudding user response:
REVOKE EXECUTE ON FUNCTIONS
is not correct SQL, so let me take pg_sleep
as an example.
pg_sleep
has the default permissions, since
SELECT proacl FROM pg_proc WHERE proname = 'pg_sleep';
returns NULL. The documentation has that
the default privileges granted to
PUBLIC
are as follows: [...]EXECUTE
privilege for functions and procedures
So the privilege is granted to PUBLIC
. Now you can only revoke a privilege that was granted, so the attempt to revoke the privilege from readonlyuser
achieves nothing. You'd have to revoke the privilege from PUBLIC
.
Be warned that you should not change the privileges of system functions. Such changes will be lost during an upgrade. Also, it may break client tools that expect to be able to use these functions. Note that functions that are considered dangerous are restricted to privileged users anyway.
If your goal is to keep users that can run SQL statements on your database from performing denial-of-service attacks, forget it. There is no way you can do that. Restricting access to certain functions is your least worry in that case. Don't let untrustworthy users run their own SQL statements on your database.