On Jun28, 2012, at 17:29 , Tom Lane wrote:
> Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> writes:
>> 2012/6/27 Florian Pflug <fgp(at)phlo(dot)org>:
>>> Hm, what happens if a SECURITY DEFINER functions returns a refcursor?
>> My impression is, here is no matter even if SECURITY DEFINER function
>> returns refcursor.
> I think Florian has a point: it *should* work, but *will* it?
> I believe it works today, because the executor only applies permissions
> checks during query startup. So those checks are executed while still
> within the SECURITY DEFINER context, and should behave as expected.
> Subsequently, the cursor portal is returned to caller and caller can
> execute it to completion, no problem.
Don't we (sometimes?) defer query startup to the first time FETCH is
In response to
pgsql-hackers by date
|Next:||From: Jeff Janes||Date: 2012-06-28 15:37:55|
|Subject: Re: Covering Indexes|
|Previous:||From: Robert Haas||Date: 2012-06-28 15:29:10|
|Subject: Re: experimental: replace s_lock spinlock code with
pthread_mutex on linux|