diff options
| author | Peter Eisentraut <peter_e@gmx.net> | 2018-07-04 09:26:19 +0200 |
|---|---|---|
| committer | Peter Eisentraut <peter_e@gmx.net> | 2018-07-13 10:41:40 +0200 |
| commit | 3804e89bd0e94fb412d3eecb2113cc97e0f7310b (patch) | |
| tree | 39ec8a13fa0c559eee23a58b0a7c6c0220213e96 /doc/src/sgml/ref/create_procedure.sgml | |
| parent | 39035a52894a419ae1b905adfdb0bad72ee19a36 (diff) | |
| download | postgresql-3804e89bd0e94fb412d3eecb2113cc97e0f7310b.tar.gz postgresql-3804e89bd0e94fb412d3eecb2113cc97e0f7310b.zip | |
Prohibit transaction commands in security definer procedures
Starting and aborting transactions in security definer procedures
doesn't work. StartTransaction() insists that the security context
stack is empty, so this would currently cause a crash, and
AbortTransaction() resets it. This could be made to work by
reorganizing the code, but right now we just prohibit it.
Reported-by: amul sul <sulamul@gmail.com>
Discussion: https://www.postgresql.org/message-id/flat/CAAJ_b96Gupt_LFL7uNyy3c50-wbhA68NUjiK5%3DrF6_w%3Dpq_T%3DQ%40mail.gmail.com
Diffstat (limited to 'doc/src/sgml/ref/create_procedure.sgml')
| -rw-r--r-- | doc/src/sgml/ref/create_procedure.sgml | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/src/sgml/ref/create_procedure.sgml b/doc/src/sgml/ref/create_procedure.sgml index f3c3bb006cf..6c1de34b012 100644 --- a/doc/src/sgml/ref/create_procedure.sgml +++ b/doc/src/sgml/ref/create_procedure.sgml @@ -203,6 +203,12 @@ CREATE [ OR REPLACE ] PROCEDURE conformance, but it is optional since, unlike in SQL, this feature applies to all procedures not only external ones. </para> + + <para> + A <literal>SECURITY DEFINER</literal> procedure cannot execute + transaction control statements (for example, <command>COMMIT</command> + and <command>ROLLBACK</command>, depending on the language). + </para> </listitem> </varlistentry> |