How can I revoke execution of a PostgreSQL function?
Last edited: 1/17/2025
All functions access is PUBLIC by default, this means that any role can execute it. To revoke execution, there are 2 steps required:
- Revoke function execution (
fooin this case) from PUBLIC:
_10revoke execute on function foo from public;
- Revoke execution from a particular role (
anonin this case):
_10revoke execute on function foo from anon;
Now anon should get an error when trying to execute the function:
_10begin;_10set local role anon;_10select foo();_10ERROR: permission denied for function foo