| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Andrew Sullivan <ajs(at)crankycanuck(dot)ca> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: function body actors (was: [PERFORM] viewing source code) |
| Date: | 2007-12-21 21:19:51 |
| Message-ID: | 12277.1198271991@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-performance |
Andrew Sullivan <ajs(at)crankycanuck(dot)ca> writes:
> Hmm; this may be exactly part of the problem, though. It seems there are
> two possible cases in play:
> 1. Protect the content in the database (in this case, function bodies)
> from _all_ users on a given server. This is a case where you want to
> protect (say) your function body from your users, because you have a
> closed-source application.
> 2. Protect the content of a field from _some_ users on a given system,
> based on the permissions they hold. This is roughly analagous to others not
> being able to look in the table I created, because I haven't GRANTed them
> permission.
I would argue that (2) is reasonably well served today by setting up
separate databases for separate users. The people who are complaining
seem to want to send out a set of functions into a hostile environment,
which is surely case (1).
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Sullivan | 2007-12-21 21:47:46 | Re: function body actors (was: [PERFORM] viewing source code) |
| Previous Message | Bruce Momjian | 2007-12-21 21:06:15 | Re: pgindent issue with EXEC_BACKEND-only typedefs |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Sullivan | 2007-12-21 21:47:46 | Re: function body actors (was: [PERFORM] viewing source code) |
| Previous Message | Trevor Talbot | 2007-12-21 21:06:18 | Re: viewing source code |