From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Andrew Sullivan <ajs(at)crankycanuck(dot)ca> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: function body actors (was: [PERFORM] viewing source code) |
Date: | 2007-12-21 21:19:51 |
Message-ID: | 12277.1198271991@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-performance |
Andrew Sullivan <ajs(at)crankycanuck(dot)ca> writes:
> Hmm; this may be exactly part of the problem, though. It seems there are
> two possible cases in play:
> 1. Protect the content in the database (in this case, function bodies)
> from _all_ users on a given server. This is a case where you want to
> protect (say) your function body from your users, because you have a
> closed-source application.
> 2. Protect the content of a field from _some_ users on a given system,
> based on the permissions they hold. This is roughly analagous to others not
> being able to look in the table I created, because I haven't GRANTed them
> permission.
I would argue that (2) is reasonably well served today by setting up
separate databases for separate users. The people who are complaining
seem to want to send out a set of functions into a hostile environment,
which is surely case (1).
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Andrew Sullivan | 2007-12-21 21:47:46 | Re: function body actors (was: [PERFORM] viewing source code) |
Previous Message | Bruce Momjian | 2007-12-21 21:06:15 | Re: pgindent issue with EXEC_BACKEND-only typedefs |
From | Date | Subject | |
---|---|---|---|
Next Message | Andrew Sullivan | 2007-12-21 21:47:46 | Re: function body actors (was: [PERFORM] viewing source code) |
Previous Message | Trevor Talbot | 2007-12-21 21:06:18 | Re: viewing source code |