dbaplus Community

Oct 22, 2015 · Databases

Understanding PostgreSQL Function Security: Definer vs Invoker Explained

This article explains how PostgreSQL functions can be defined with security definer or security invoker, details the differences between session_user and current_user, demonstrates setting roles and search_path, and provides practical examples and safeguards to prevent privilege escalation.