From: | Hiroshi Inoue <Inoue(at)tpf(dot)co(dot)jp> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Stephan Szabo <sszabo(at)kick(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Re: [SQL] Foreign keys breaks tables permissions |
Date: | 2000-05-19 11:28:17 |
Message-ID: | 39252551.2C3B0B17@tpf.co.jp |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs pgsql-hackers pgsql-sql |
Tom Lane wrote:
> "Stephan Szabo" <sszabo(at)kick(dot)com> writes:
> > I believe the reason that the trigger does a select for update was
> > because otherwise there could exist a case that we select and see it
> > and then have the row go away afterwards because nothing stops the
> > delete.
>
> Probably the denial-of-service argument is the weakest of the three
> points. Is anyone in favor of reducing SELECT FOR UPDATE to only
> requiring "SELECT" rights, and living with the possible lock-that-
> you-shouldn't-really-have-been-able-to-get issue?
>
But what about DELETE CASCADE cases for exmaple ?
Maybe RI_trigger should be able to update/insert/delete
the referenced table.
However another kind of permission for foreign key
seems to be needed. i.e only granted users could
define foreign key of the referenced table in CREATE
(ALTER) TABLE command. Otherwise not granted
users could delete tuples of the referenced table
by defining a bogus foreign key of the table with
DELETE CASCADE option.
Comments ?
Regards.
Hiroshi Inoue
Inoue(at)tpf(dot)co(dot)jp
From | Date | Subject | |
---|---|---|---|
Next Message | Hannu Krosing | 2000-05-19 14:05:16 | Re: Re: [SQL] Foreign keys breaks tables permissions |
Previous Message | Tom Lane | 2000-05-19 03:38:19 | Re: [SQL] Foreign keys breaks tables permissions |
From | Date | Subject | |
---|---|---|---|
Next Message | Matthias Urlichs | 2000-05-19 11:40:08 | Re: Performance (was: The New Slashdot Setup (includes MySql server)) |
Previous Message | Hiroshi Inoue | 2000-05-19 11:12:00 | Re: Performance (was: The New Slashdot Setup (includes MySql server)) |
From | Date | Subject | |
---|---|---|---|
Next Message | Kate Collins | 2000-05-19 13:20:55 | Re: SQL command speed |
Previous Message | Rudolph, Michael | 2000-05-19 08:34:02 | AW: What is the difference between NULL and "undef" |