Home > mailing lists

Re: [SQL] Foreign keys breaks tables permissions - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: [SQL] Foreign keys breaks tables permissions
Date	May 21, 2000 15:41:06
Msg-id	Pine.LNX.4.21.0005201947120.423-100000@localhost.localdomain Whole thread Raw
In response to	Re: [SQL] Foreign keys breaks tables permissions (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: [SQL] Foreign keys breaks tables permissions
List	pgsql-hackers

Tree view

Tom Lane writes:

> This is perhaps the least undesirable of the choices we have, but it's
> still a security hole.

The reason this concerns me is that requiring update rights on the
referenced table eliminates much the benefit of foreign keys from an
administration point of view: If the primary keys can be updated freely,
they no longer constrain the data in the referencing table effectively.

I suppose we'll have to live with that for now but I'd suggest that it be
put on the TODO list somewhere.

-- 
Peter Eisentraut                  Sernanders väg 10:115
peter_e@gmx.net                   75262 Uppsala
http://yi.org/peter-e/            Sweden

pgsql-hackers by date:

From: Peter Eisentraut
Date: 21 May 2000, 15:40:53
Subject: No more <>

From: Peter Eisentraut
Date: 21 May 2000, 15:56:09
Subject: Re: Postgresql OO Patch

Re: [SQL] Foreign keys breaks tables permissions - Mailing list pgsql-hackers

Previous

Next