Re: security via views

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: weigelt(at)metux(dot)de
Cc: pgsql-admin <pgsql-admin(at)postgresql(dot)org>
Subject: Re: security via views
Date: 2005-04-27 17:27:30
Message-ID: 24260.1114622850@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

Enrico Weigelt <weigelt(at)metux(dot)de> writes:
> Most of the database access works over views and functions.
> For functions its possible to run them with separate privileges
> than the calling user. But is this also possible with views ?
> I've noticed that for views also GRANT is necessary (AFAIK a
> view is nothing else than a table with appropriate RULEs).

You have noticed incorrectly. A view's references to other tables
are privilege-checked with respect to the owner of the view.

regards, tom lane

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Michael Fuhr 2005-04-27 17:42:52 Re: Client Authentication problem
Previous Message Scott Marlowe 2005-04-27 17:13:14 Re: Client Authentication problem