| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | Jan Wieck <wieck(at)debis(dot)com>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org>, pgsql-sql(at)postgresql(dot)org |
| Subject: | Re: Foreign keys breaks tables permissions |
| Date: | 2000-05-21 17:12:34 |
| Message-ID: | 9733.958929154@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs pgsql-hackers pgsql-sql |
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> Tom Lane writes:
>> This is perhaps the least undesirable of the choices we have, but it's
>> still a security hole.
> The reason this concerns me is that requiring update rights on the
> referenced table eliminates much the benefit of foreign keys from an
> administration point of view: If the primary keys can be updated freely,
> they no longer constrain the data in the referencing table effectively.
> I suppose we'll have to live with that for now but I'd suggest that it be
> put on the TODO list somewhere.
What we need to do about it is implement the separate REFERENCES right
as specified by SQL92, and then fix FK support to require that right
rather than UPDATE...
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Murad Nayal | 2000-05-22 16:42:48 | port v7.0 to SGI-IRIX-6.5.7/64 |
| Previous Message | Peter Eisentraut | 2000-05-21 16:45:20 | Re: Foreign keys breaks tables permissions |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2000-05-21 17:34:30 | Re: plperl and the dynamic loader |
| Previous Message | Tom Lane | 2000-05-21 17:10:27 | Re: MySQL's "crashme" (was Re: Performance) |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2000-05-21 17:58:14 | Re: Full text indexing (and errors!) |
| Previous Message | Mitch Vincent | 2000-05-21 16:59:14 | Full text indexing (and errors!) |