'Re: [GENERAL] DML Restriction unless through a function'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       postgresql-general
Subject:    Re: [GENERAL] DML Restriction unless through a function
From:       Bruno Wolff III <bruno () wolff ! to>
Date:       2004-06-30 16:09:48
Message-ID: 20040630160948.GA15644 () wolff ! to
[Download RAW message or body]

On Wed, Jun 30, 2004 at 12:00:44 -0400,
  Tom Lane <tgl@sss.pgh.pa.us> wrote:
> 
> That doesn't sound right to me at all.  A SECURITY DEFINER function is
> self contained --- if we ever failed to execute it as the owning user,
> that would be a bug, and I'd be pleased to see an example.
> 
> I do recall that if you have a function that is *not* SECURITY DEFINER,
> and you use it in a view, it will be invoked as the current user, not as
> the view creator which is what some people expect.  It's fairly easy to
> get around this using SECURITY DEFINER, so it's unlikely that we'll
> change it ...

That is what I was probably thinking of.

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

               http://archives.postgresql.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic