Home > mailing lists

Re: Is this a bug, possible security hole, or wrong assumption? - Mailing list pgsql-general

From	Tom Lane
Subject	Re: Is this a bug, possible security hole, or wrong assumption?
Date	June 9, 2002 14:19:12
Msg-id	5469.1023635919@sss.pgh.pa.us Whole thread Raw
In response to	Is this a bug, possible security hole, or wrong assumption? (Mike Mascari <mascarm@mascari.com>)
List	pgsql-general

Tree view

"Sander Steffann" <sander@steffann.nl> writes:
> But he is right in that his trick works. This proves that views can not be
> safely used for security, which is an important thing to realise...

A different way to look at it is that the privilege of creating
functions shouldn't be handed out willy-nilly.  The trick of hiding
recording operations in a function can be used in other ways besides
this one.

            regards, tom lane

pgsql-general by date:

From: "Alan"
Date: 09 June 2002, 05:26:03
Subject: Help with data transfer please

From: Alan Wayne
Date: 09 June 2002, 14:33:35
Subject: Re: Help with data transfer please

Re: Is this a bug, possible security hole, or wrong assumption? - Mailing list pgsql-general

Previous

Next