You want to base permission checks for the statements in the module against the calling user, and rely only on ownership chaining to bypass permission checks on underlying objects.