| From: | Nico Williams <nico(at)cryptonector(dot)com> |
|---|---|
| To: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> |
| Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Wrong security context for deferred triggers? |
| Date: | 2025-04-15 16:16:46 |
| Message-ID: | Z/6GbqRYBLrkCWR7@ubby |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, Nov 06, 2023 at 02:23:04PM +0100, Laurenz Albe wrote:
> SET CONSTRAINTS ALL DEFERRED;
Some years ago I wrote and submitted a patch to allow one to create
constraints that are ALWAYS DEFERRED so that they cannot be made
IMMEDIATE with SET CONSTRAINTS ALL IMMEDIATE. I do think that one could
use SET CONSTRAINTS ALL ... to defeat [poorly-coded, perhaps] security
measures taken by triggers.
An example of where one might want triggers that are always deferred
would be a ledger application requiring double-entry, where one might
use deferred triggers to check that all debits have matching credits at
commit-time.
Nico
--
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2025-04-15 16:18:41 | Re: Fundamental scheduling bug in parallel restore of partitioned tables |
| Previous Message | Tom Lane | 2025-04-15 16:13:49 | Re: bug in stored generated column over domain with constraints. |