Home > mailing lists

Re: [GENERAL] What user to defaults execute as? - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: [GENERAL] What user to defaults execute as?
Date	November 2, 2002 13:14:24
Msg-id	21202.1036250060@sss.pgh.pa.us Whole thread Raw
In response to	Re: [GENERAL] What user to defaults execute as? (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: [GENERAL] What user to defaults execute as? (Peter Eisentraut <peter_e@gmx.net>)
List	pgsql-hackers

Tree view

I said:
> And I have not yet been able to think of a concrete case where the
> existing behavior (execute as calling user) is better.

Okay, I've thought of one: consider the situation where you want to
label each row in a table with the ID of the user who inserted it.
Right now, you can do...,who    name    default current_user,...
or for greater security use a trigger to set the column value.
This will stop working if defaults and triggers run as the table
owner.  (You could maybe use session_user instead, but it's not
clear that that's the right thing if the user is calling setuid
functions that do things on his behalf.)

However this is only one example; I still think Bruno's got a good
argument.
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 02 November 2002, 13:06:37
Subject: Re: move 0 behaviour

From: Bruno Wolff III
Date: 02 November 2002, 14:18:59
Subject: Re: [GENERAL] What user to defaults execute as?

Re: [GENERAL] What user to defaults execute as? - Mailing list pgsql-hackers

Previous

Next