Excerpts from Tom Lane's message of lun feb 27 20:49:36 -0300 2012:
> So (assuming Peter has read the spec correctly) I'm coming around to the
> idea that the anonymous trigger functions created by this syntax ought
> to be "SECURITY DEFINER table_owner".
I don't remember all the details, but I had a look at this in the
standard about a year ago and the behavior it mandated wasn't trivially
implemented using our existing mechanism. I mentioned the issue of a
stack of user authorizations that is set up whenever a "routine"
(function) is entered, during last year's PGCon developer's meeting. I
intended to have a look at implementing that, but I haven't done
anything yet. What was clear to me was that once I explained the
problem, everyone seemed to agree that fixing it required more than some
trivial syntax rework.
Álvaro Herrera <alvherre(at)commandprompt(dot)com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
In response to
pgsql-hackers by date
|Next:||From: Kyotaro HORIGUCHI||Date: 2012-02-28 02:59:02|
|Subject: Re: Speed dblink using alternate libpq tuple storage|
|Previous:||From: Alvaro Herrera||Date: 2012-02-28 02:12:08|
|Subject: Re: Command Triggers|