Re: to_char incompatibility - Mailing list pgsql-hackers

From Roberts, Jon
Subject Re: to_char incompatibility
Date
Msg-id 1A6E6D554222284AB25ABE3229A92762715426@nrtexcus702.int.asurion.com
In response to to_char incompatibility  (Peter Eisentraut <peter_e@gmx.net>)
Responses Re: to_char incompatibility  (Josh Berkus <josh@agliodbs.com>)
List pgsql-hackers
 
> > You'll have to explain to Oracle and their customers that Oracle's
> > security model is not a great idea then.
> 
> I'd love to, and in fact *do* whenever I'm given the chance.
> 
> In fact, Oracle's security model is pretty bad; the reason why Oracle
> advertises "Unbreakable" so hard is that they have a terrible record of
> security exploits, making them nearly as bad as MySQL. Heck, these days
> you're better off using MSSQL than Oracle to protect your data.

LOL!  I'm not going to trade jabs with you on which product has more
exploits because that is just stupid.

I'm stating that the *model* for Oracle security is very similar to the
non-default behavior of PostgreSQL of using "security definer".  I prefer
this model.  I think it is a great idea and I mention Oracle because it is a
highly reputable database company that uses this model.

For instance, if I want to allow a user to insert data, I most likely want
them to ONLY do it through my method.  That means creating a function with
security definer set and granting the user execute on the function.  I don't
want the user to select my sequence or insert data directly into the table.


Also, there is no need to argue this because we can have it both ways.
Security definer is an option and I recommend to always use it over the
default.  If you don't want to use it, don't.



Jon
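
The pattern Jon describes above, written out as an added example (not code from the thread or from PostgreSQL itself). The role `app_user`, table `orders`, sequence `orders_id_seq` and function `add_order()` are assumed names; run it as the table owner.

```sql
-- Added example of the "security definer" pattern: the caller gets EXECUTE
-- on a function, never direct INSERT on the table or USAGE on its sequence.
-- Assumed (constructed) names: app_user, orders, orders_id_seq, add_order.

CREATE TABLE public.orders (
    id       serial PRIMARY KEY,
    customer text NOT NULL,
    amount   numeric(10,2) NOT NULL CHECK (amount > 0)
);

CREATE ROLE app_user LOGIN;

-- Deny direct access to the table and its sequence for everyone but the owner.
REVOKE ALL ON TABLE public.orders FROM PUBLIC;
REVOKE ALL ON SEQUENCE public.orders_id_seq FROM PUBLIC;

-- The only sanctioned way to insert: a function that runs with the
-- privileges of its owner (the table owner), not those of the caller.
CREATE OR REPLACE FUNCTION public.add_order(p_customer text, p_amount numeric)
RETURNS integer
LANGUAGE plpgsql
SECURITY DEFINER
-- Pin the search path so a caller cannot plant look-alike objects that the
-- function would resolve under the owner's privileges; objects are schema-qualified.
SET search_path = pg_catalog, pg_temp
AS $$
DECLARE
    v_id integer;
BEGIN
    IF p_customer IS NULL OR length(p_customer) = 0 THEN
        RAISE EXCEPTION 'customer must not be empty';
    END IF;
    INSERT INTO public.orders (customer, amount)
    VALUES (p_customer, p_amount)
    RETURNING id INTO v_id;           -- the sequence is consumed on the owner's behalf
    RETURN v_id;
END;
$$;

-- New functions are executable by PUBLIC by default; narrow that to the intended role.
REVOKE EXECUTE ON FUNCTION public.add_order(text, numeric) FROM PUBLIC;
GRANT  EXECUTE ON FUNCTION public.add_order(text, numeric) TO app_user;

-- Check the boundary as the restricted role:
--   SET ROLE app_user;
--   SELECT public.add_order('alice', 19.99);          -- succeeds, returns the new id
--   INSERT INTO public.orders VALUES (DEFAULT,'x',1); -- ERROR: permission denied
--   SELECT nextval('public.orders_id_seq');           -- ERROR: permission denied
```

The `SET search_path` clause on `CREATE FUNCTION` exists from PostgreSQL 8.3 onward; on older releases, set it inside the function body instead.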

