Skip site navigation (1) Skip section navigation (2)

Re: security via views

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: weigelt(at)metux(dot)de
Cc: pgsql-admin <pgsql-admin(at)postgresql(dot)org>
Subject: Re: security via views
Date: 2005-04-27 17:27:30
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-admin
Enrico Weigelt <weigelt(at)metux(dot)de> writes:
> Most of the database access works over views and functions. 
> For functions its possible to run them with separate privileges
> than the calling user. But is this also possible with views ?
> I've noticed that for views also GRANT is necessary (AFAIK a
> view is nothing else than a table with appropriate RULEs). 

You have noticed incorrectly.  A view's references to other tables
are privilege-checked with respect to the owner of the view.

			regards, tom lane

In response to

pgsql-admin by date

Next:From: Michael FuhrDate: 2005-04-27 17:42:52
Subject: Re: Client Authentication problem
Previous:From: Scott MarloweDate: 2005-04-27 17:13:14
Subject: Re: Client Authentication problem

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group