From 0cb55d043aeb8a6f8db6f3f001fdbe8f26f07bb7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juan=20Ignacio=20S=C3=A1nchez=20Lara?=
 <juanignaciosl@gmail.com>
Date: Wed, 19 Aug 2015 10:35:23 +0200
Subject: [PATCH] Revoke select on table and add security definer for conf
 getter

---
 scripts-available/CDB_Conf.sql | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/scripts-available/CDB_Conf.sql b/scripts-available/CDB_Conf.sql
index f685da3..73d1424 100644
--- a/scripts-available/CDB_Conf.sql
+++ b/scripts-available/CDB_Conf.sql
@@ -2,7 +2,6 @@
 DO LANGUAGE 'plpgsql' $$
 BEGIN
     CREATE TABLE IF NOT EXISTS cartodb.CDB_CONF ( PARAM TEXT PRIMARY KEY, CONF TEXT NOT NULL );
-    EXECUTE format('GRANT SELECT ON cartodb.CDB_CONF TO %s', cartodb.CDB_Organization_Member_Group_Role_Member_Name());
 END
 $$;
 
@@ -33,7 +32,7 @@ BEGIN
     EXECUTE 'select cartodb._CDB_Conf_Cache(''get'', $1) as conf;' INTO conf USING param;
     RETURN conf;
 END
-$$ LANGUAGE PLPGSQL STABLE;
+$$ LANGUAGE PLPGSQL STABLE SECURITY DEFINER;
 
 -- Single cache function allowing SD private dict usage
 CREATE OR REPLACE