| From: | Dave Page <dpage(at)postgresql(dot)org> |
|---|---|
| To: | Hiroshi Inoue <inoue(at)tpf(dot)co(dot)jp> |
| Cc: | Mark Cave-Ayland <mark(dot)cave-ayland(at)ilande(dot)co(dot)uk>, pgsql-odbc(at)postgresql(dot)org |
| Subject: | Re: Proposal for new pgsqlODBC feature - hiding tables inaccessible to the current user |
| Date: | 2007-06-29 07:37:51 |
| Message-ID: | 4684B6CF.1050603@postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-odbc |
Hiroshi Inoue wrote:
> Dave Page wrote:
>> Hiroshi Inoue wrote:
>>> Mark Cave-Ayland wrote:
>>>> On Wed, 2007-06-27 at 09:01 +0900, Hiroshi Inoue wrote:
>>>>
>>>>> How about changing the default behavior of SQLTables to list only
>>>>> SELECTable tables and add a bit to Extra Opts to list inaccessible
>>>>> tables also ?
>>>> I think this would risk breaking a lot of existing applications.
>>> Really ?
>>> I can hardly imagine the applications which would update/delete
>>> the rows whose contents couldn't be seen.
>> insert-only audit tables?
>>
>> Yes, they should really be handled by server-side triggers, but I know
>> of at least a couple of apps running on PostgreSQL with psqlODBC that do
>> it client side.
>
> Hmm the apps list the tables using SQLTables() ?
I don't recall (and I don't have access to them any more to check), but
as we've had the current behaviour for the last 10 years or so, and
no-one has really complained until now, I don't think we should risk
changing the default - at least without checking for SELECT, UPDATE,
INSERT or DELETE rather than just SELECT.
Regards, Dave
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mark Cave-Ayland | 2007-06-29 13:42:48 | Re: Proposal for new pgsqlODBC feature - hiding tables inaccessible to the current user |
| Previous Message | Hiroshi Inoue | 2007-06-29 00:31:13 | Re: Proposal for new pgsqlODBC feature - hiding tables inaccessible to the current user |