Home > mailing lists

Re: View invoker privileges - Mailing list pgsql-hackers

From	Noah Misch
Subject	Re: View invoker privileges
Date	May 14, 2021 11:11:31
Msg-id	20210514081131.GA2913841@rfd.leadboat.com Whole thread Raw
In response to	View invoker privileges (Ivan Ivanov <m7onov@gmail.com>)
Responses	Re: View invoker privileges (Joe Conway <mail@joeconway.com>)
List	pgsql-hackers

Tree view

On Wed, Apr 14, 2021 at 10:25:08AM +0300, Ivan Ivanov wrote:
> In Postgres we can create view with view owner privileges only. What’s the
> reason that there is no option to create view with invoker privileges? Is
> there any technical or security subtleties related to absence of this
> feature?

The SQL standard calls for the owner privileges behavior, and nobody has
implemented an invoker privileges option.  I know of no particular subtlety.
An SQL-language function can behave like an invoker-privileges view, but a
view would allow more optimizer freedom.  It would be a good option to have.

pgsql-hackers by date:

From: Etsuro Fujita
Date: 14 May 2021, 11:05:28
Subject: Re: naming of async_mode parameter

From: Pavel Borisov
Date: 14 May 2021, 11:21:28
Subject: Re: OOM in spgist insert

Re: View invoker privileges - Mailing list pgsql-hackers

Previous

Next