The problem is that the more complex you make things, the easier it is
to make a mistake. That's why I like our simpler model unless there is
a glaring problem with it.
---------------------------------------------------------------------------
Bruno Wolff III wrote:
> On Fri, Nov 01, 2002 at 21:35:40 -0500,
> Bruce Momjian <pgman@candle.pha.pa.us> wrote:
> >
> > I think we open up more security problems by having the inserter doing
> > things as the owner of the table.
>
> With triggers it is a bit hard to decide. Since people other than the
> table owner can create them, but then they effectively belong to the
> table owner. I think that makes having them execute as the table
> owner reasonable. The table owner is taking his chances by letting
> other people create triggers on his table.
>
> For constraints and default expressions I don't see any problems for
> having them execute as the table owner. This provides a small advantage
> in providing limited update ability for sequences, that would otherwise
> require creating a function to achieve.
>
> As long as people realize that when they insert, update or delete from
> a table owned by someone else they need to trust that person it probably
> isn't a big deal. The descriptions of triggers hint at this but from
> a different perspective (that of a table owner letting people create
> triggers on his table) and people might not make the connection (assuming
> they even read about triggers).
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo@postgresql.org so that your
> message can get through to the mailing list cleanly
>
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square,
Pennsylvania19073