Re: [HACKERS] RFC: Security and Impersonation

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Philip Warner <pjw(at)rhyme(dot)com(dot)au>
Cc: pgsql-hackers(at)postgreSQL(dot)org
Subject: Re: [HACKERS] RFC: Security and Impersonation
Date: 1999-07-23 14:51:41
Message-ID: 14550.932741501@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Philip Warner <pjw(at)rhyme(dot)com(dot)au> writes:
> A very useful feature in some database systems is the ability to
> restrict who can run certain external or stored procedures, and to
> grant extra access rights to users when they do run those procedures.

We have some of this, I think, from ACLs on tables and views. But
as far as I know there is not a notion of a "suid view", one with
different privileges from its caller. It sounds like a good thing
to work on. Is there any standard in the area?

regards, tom lane

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 1999-07-23 16:03:09 Re: [HACKERS] Index not used on simple select
Previous Message Tom Lane 1999-07-23 14:48:45 Re: [HACKERS] Phantom row from aggregate in self-join in 6.5