Home > mailing lists

Re: setuid for defaults, constraints and triggers (Was: - Mailing list pgsql-hackers

From	Rod Taylor
Subject	Re: setuid for defaults, constraints and triggers (Was:
Date	October 31, 2002 13:17:07
Msg-id	1036077449.94263.13.camel@jester Whole thread Raw
In response to	setuid for defaults, constraints and triggers (Was: What user to [sic] defaults execute as?) (Bruno Wolff III <bruno@wolff.to>)
Responses	Re: setuid for defaults, constraints and triggers (Was: What user to [sic] defaults execute as?)
List	pgsql-hackers

Tree view

On Thu, 2002-10-31 at 09:54, Bruno Wolff III wrote:
> Constraints also run as the user modifying a table instead of the table
> owner.
> Again I don't see a good reason to want to execute constraints as the
> user modifying a table. But I do think there can be reasons to want to
> execute them as the table owner.
> 
> To summarize, my suggestion for change is:
> 
> Execute default expressions and constraints as the owner of the table.
> Execute triggers as the owner of the trigger.

Can't necessarily run them as the table owner, as it may give
information to other users with the ability to ALTER that table.

However, I can see a good argument to allowing running the constraints
as the user who created the constraint. This means would require 
tracking of constraint ownership.

--  Rod Taylor

pgsql-hackers by date:

From: "Pedro M. Ferreira"
Date: 31 October 2002, 12:53:38
Subject: Re: float output precision questions

From: Bruno Wolff III
Date: 31 October 2002, 13:24:38
Subject: Re: setuid for defaults, constraints and triggers (Was: What user to [sic] defaults execute as?)

Re: setuid for defaults, constraints and triggers (Was: - Mailing list pgsql-hackers

Previous

Next