From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Jan Wieck <wieck(at)debis(dot)com>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org>, pgsql-sql(at)postgresql(dot)org |
Subject: | Re: Foreign keys breaks tables permissions |
Date: | 2000-05-21 16:45:20 |
Message-ID: | Pine.LNX.4.21.0005201947120.423-100000@localhost.localdomain |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs pgsql-hackers pgsql-sql |
Tom Lane writes:
> This is perhaps the least undesirable of the choices we have, but it's
> still a security hole.
The reason this concerns me is that requiring update rights on the
referenced table eliminates much the benefit of foreign keys from an
administration point of view: If the primary keys can be updated freely,
they no longer constrain the data in the referencing table effectively.
I suppose we'll have to live with that for now but I'd suggest that it be
put on the TODO list somewhere.
--
Peter Eisentraut Sernanders väg 10:115
peter_e(at)gmx(dot)net 75262 Uppsala
http://yi.org/peter-e/ Sweden
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2000-05-21 17:12:34 | Re: Foreign keys breaks tables permissions |
Previous Message | Tom Lane | 2000-05-19 17:44:15 | Re: Foreign keys breaks tables permissions |
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2000-05-21 16:45:46 | Re: [HACKERS] Postgresql OO Patch |
Previous Message | Peter Eisentraut | 2000-05-21 16:45:04 | No more <<EOF>> |
From | Date | Subject | |
---|---|---|---|
Next Message | Mitch Vincent | 2000-05-21 16:59:14 | Full text indexing (and errors!) |
Previous Message | Tom Lane | 2000-05-21 04:54:17 | Re: Adding many rows to a table. |