Home > mailing lists

Re: [EXAMPLE] Overly zealous security of schemas... - Mailing list pgsql-hackers

From	Sean Chittenden
Subject	Re: [EXAMPLE] Overly zealous security of schemas...
Date	April 26, 2003 21:34:08
Msg-id	20030426223408.GF35599@perrin.int.nxad.com Whole thread Raw
In response to	Re: [EXAMPLE] Overly zealous security of schemas... (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: [EXAMPLE] Overly zealous security of schemas... (Sean Chittenden <sean@chittenden.org>)
List	pgsql-hackers

Tree view

> > And actually, it looks like sequences have this same problem as
> > well, only things are slightly worse there: you have to grant
> > SELECT,UPDATE to a sequence to the public in order for those to
> > work automagically. :-/
> 
> That's always been true though.

True, but while we're on the topic, I figured I'd give things a shot
in the, could this be fixed dept.  Inserting into a view with a rule,
the resulting query is run as the rule executor, not as the rule
definer.  If that were somehow possible, then it'd remove the need to
have a rule rewrite the (insert|update|delete|select) into a function
call running at the privs of its definer and writing the functions
that run at an elevated user.

-sc

-- 
Sean Chittenden

pgsql-hackers by date:

From: Tom Lane
Date: 26 April 2003, 21:25:16
Subject: Re: [EXAMPLE] Overly zealous security of schemas...

From: Peter Eisentraut
Date: 26 April 2003, 22:57:15
Subject: Re: conflicting libraries at runtime

Re: [EXAMPLE] Overly zealous security of schemas... - Mailing list pgsql-hackers

Previous

Next