| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | When and where to check for function permissions |
| Date: | 2002-02-13 20:28:24 |
| Message-ID: | Pine.LNX.4.30.0202131510540.683-100000@peter.localdomain |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
In my current implementation for function privileges, I have the function
permission check somewhere down in the executor. (To be precise, the
permission is determined when the fcache is initialized, and it's checked
in ExecMakeFunctionResult.) Now I remembered the way SQL99 specifies
function resolution, which has the permission check before the function
resolution begins. See also
http://archives.postgresql.org/pgsql-hackers/2002-01/msg01120.php
for the full details.
This makes some sense, because normally you'd want the parser to choose
only between the functions you have access to.
I do have two concerns, however:
1. It would lead to confusing error messages, i.e., always "not found"
instead of "permission denied".
2. It would make a great deal of more sense if the table name resolution
that will be necessary in the new schema implementation were done the same
way. But I have a feeling that this could get messy when rewrite rules
are involved. (More generally, the whole schema resolution could get
messy when rewrite rules are involved.)
Any comments?
--
Peter Eisentraut peter_e(at)gmx(dot)net
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gordon A. Runkle | 2002-02-13 21:10:04 | Re: Odd statistics behaviour in 7.2 |
| Previous Message | Peter Eisentraut | 2002-02-13 20:27:30 | Function privileges and backward compatibility |