| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Lieven Van Acker <lieven(at)elisa(dot)be> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: View permissions in 7.1 |
| Date: | 2001-05-03 22:13:02 |
| Message-ID: | 14093.988927982@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-patches |
Lieven Van Acker <lieven(at)elisa(dot)be> writes:
> Well, in fact, -at this point - I don't need setuid, because the
> function current_adm() has to lookup the effective uid of the calling
> user. The point is I want to filter the records depending on the uid
> of the user calling the top-level view. So as I can understand, views
> that are called by other views run still within the same session -
> thus returning the effective uid, right?
The problem is that current_adm() fails for lack of read access on the
users table, when it's invoked on behalf of the unprivileged user.
I think that what you really want to be using for the lookup is
SESSION_USER not CURRENT_USER. There's no difference at the moment,
but there will be once we have setuid functions ...
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Hentosh | 2001-05-03 22:22:03 | Re: Invoices |
| Previous Message | Trond Eivind =?iso-8859-1?q?Glomsr=F8d?= | 2001-05-03 22:10:40 | Re: Ideal hardware configuration for pgsql/Netra |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andy Rysin | 2001-05-03 22:30:03 | JDBC part of KOI8-U [was: patch to support KOI8-U <==> UTF-8 conversions (2nd try)] |
| Previous Message | Tom Lane | 2001-05-03 22:05:49 | Re: View permissions in 7.1 |