Greg Stark <gsstark@mit.edu> writes:
> That makes me wonder. What happens if I prepare a query, then use SET SESSION
> AUTHORIZATION to change my user. Then try to execute the query?
Permissions checks are applied at executor startup, not by the planner,
so it should Work Correctly in my view of the world.
There is one exception: a potentially inlinable SQL function will be
inlined if it is allowably executable when the planner wants to do it
--- subsequent revocation of call privileges on the function won't
cause a failure of the plan. You could argue it both ways about
whether this is a problem, but it seems to me it's not a big issue.
We don't inline functions that could, say, give you access to a table
you couldn't have read otherwise.
regards, tom lane
