On Sat, Nov 02, 2002 at 01:01:11 -0500, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> The example of a serial column (DEFAULT nextval('foo_seq')) seems
> compelling. You do not really want to grant general-purpose UPDATE
> rights on foo_seq to everyone you might allow to INSERT into your
> table.
If it is difficult to add setuid to defaults and constraints, a table owner
can handle nextval without too much trouble. He can to create a setuid
function that runs nextval.
I had thought since rules and functions could run as another user, that
it might be easy to do something similar for defaults, constraints and
triggers. While I think that running these as the table owner is more
logical and safer, I don't think the mutual trust situation will come
up that much in practice so as to make this a high priority item, even
if you aggree that it is a problem.
