| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Noah Misch <noah(at)leadboat(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: PG 18 release notes draft committed |
| Date: | 2025-06-04 21:53:38 |
| Message-ID: | aEDAYsSGd_BOdLvL@momjian.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Jun 4, 2025 at 02:29:46PM -0700, Noah Misch wrote:
> I agree with David G. Johnston's feedback on this. My draft didn't mention
> SECURITY DEFINER, because I consider it redundant from a user's perspective.
> If a function is SECURITY DEFINER, that always overrides other sources of user
> identity. No need to mention it each time.
Well, if it is a SECURITY DEFINER function, it is not going to be run as
the user who is active at commit/execution time, so I think we have to
specify that.
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com
Do not let urgent matters crowd out time for investment in the future.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2025-06-04 22:10:38 | Re: PG 18 release notes draft committed |
| Previous Message | Bruce Momjian | 2025-06-04 21:52:19 | Re: PG 18 release notes draft committed |