| From: | Damon Cokenias <damon(at)cokenias(dot)org> |
|---|---|
| To: | <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Large object security |
| Date: | 2002-04-19 10:31:00 |
| Message-ID: | p04310105b8e59e8d074a@[10.0.1.9] |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
At 12:11 PM +0200 4/19/02, Mario Weilguni wrote:
>would'nt it be much better to expand pg_largeobject to have another column "src_oid" (or similar), containing the OID of the referencing table from pg_class, and when accessing large objects take the privilieges from the referencing class?
It's possible that several tables could reference the same object. And besides, I don't think postgres can tell the difference between a column that contains a large object id and a plain old integer.
Also, I don't think table-level permissions are flexible enough to be truly useful. What if I want certain objects to be visible only to certain users, but I want all objects to be referenced from the same table? I can enforce row-level security on the table with a view. I'd like the same level of flexibility for large objects.
Another thought: What if I want to restrict access to large objects based on size or timestamp?
-Damon
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Olivier PRENANT | 2002-04-19 11:04:16 | Re: [HACKERS] build of 7.2.1 on SCO Openserver andUnixware |
| Previous Message | Mario Weilguni | 2002-04-19 10:11:48 | Re: Large object security |