Re: [HACKERS] postgres_fdw super user checks

On Thu, Oct 5, 2017 at 10:49 AM, Simon Riggs <simon(at)2ndquadrant(dot)com> wrote:

> On 4 October 2017 at 18:13, Jeff Janes <jeff(dot)janes(at)gmail(dot)com> wrote:

>
>
> OK. And if you want the first one, you can wrap it in a view currently,
> but
> > if it were changed I don't know what you would do if you want the 2nd one
> > (other than having every user create their own set of foreign tables).
> So I
> > guess the current situation is more flexible.
>
> Sounds like it would be a useful option on a Foreign Server to allow
> it to run queries as either the invoker or the owner. We have that
> choice for functions, so we already have the concept and syntax
> available. We could have another default at FDW level that specifies
> what the default is for that type of FDW, and if that is not
> specified, we keep it like it currently is.
>

To go further off topic, I'd like to have the invoker vs definer security
options available even for plain old views as well. Sometimes I want
create a view so that I can let people see, in a controlled manner, things
they couldn't otherwise see. But more often I just want to provide a
convenience wrapper around ugly SQL without accidentally granting people
additional privileges.

Cheers,

Jeff