Excerpts from Andres Freund's message of vie dic 02 19:09:47 -0300 2011:
> Hi all,
> There is also the point about how permission checks on the actual commands (in
> comparison of modifying command triggers) and such are handled:
> BEFORE and INSTEAD will currently be called independently of the fact whether
> the user is actually allowed to do said action (which is inconsistent with
> data triggers) and indepentent of whether the object they concern exists.
> I wonder if anybody considers that a problem?
Hmm, we currently even have a patch (or is it already committed?) to
avoid locking objects before we know the user has permission on the
object. Getting to the point of calling the trigger would surely be
Álvaro Herrera <alvherre(at)commandprompt(dot)com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
In response to
pgsql-hackers by date
|Next:||From: Robert Haas||Date: 2011-12-03 00:16:47|
|Subject: Re: Command Triggers|
|Previous:||From: Robert Haas||Date: 2011-12-03 00:02:50|
|Subject: Re: backup_label during crash recovery: do we know how to