Tom Lane wrote:
> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> > Someone asked me a question about view and function permissions. I
> > assumed all object access done by a view would be based on the
> > permissions on the view, and not the permissions of the objects.
>
> Table references are checked according to the owner of the view, but use
> in a view does not change the execution context for function or operator
> calls. This is how it's always been done.
>
> > Is this a bug?
>
> Changing it would be a major definitional change (and a pretty major
> implementation change too). It might be better, but please don't
> pre-judge the issue by labeling it a bug.
Well, it sure sounds like a bug. What logic is there that table access
use the view permissions, but not function access? Could we just use
SECURITY DEFINER for function calls in views?
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square,
Pennsylvania19073
