| From: | Sean Chittenden <sean(at)chittenden(dot)org> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [EXAMPLE] Overly zealous security of schemas... |
| Date: | 2003-04-26 22:34:08 |
| Message-ID: | 20030426223408.GF35599@perrin.int.nxad.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> > And actually, it looks like sequences have this same problem as
> > well, only things are slightly worse there: you have to grant
> > SELECT,UPDATE to a sequence to the public in order for those to
> > work automagically. :-/
>
> That's always been true though.
True, but while we're on the topic, I figured I'd give things a shot
in the, could this be fixed dept. Inserting into a view with a rule,
the resulting query is run as the rule executor, not as the rule
definer. If that were somehow possible, then it'd remove the need to
have a rule rewrite the (insert|update|delete|select) into a function
call running at the privs of its definer and writing the functions
that run at an elevated user.
-sc
--
Sean Chittenden
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2003-04-26 23:58:48 | Re: conflicting libraries at runtime |
| Previous Message | Tom Lane | 2003-04-26 22:25:15 | Re: [EXAMPLE] Overly zealous security of schemas... |