Home > mailing lists

Re: When and where to check for function permissions - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: When and where to check for function permissions
Date	February 13, 2002 22:42:23
Msg-id	Pine.LNX.4.30.0202131922250.683-100000@peter.localdomain Whole thread Raw
In response to	Re: When and where to check for function permissions (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: When and where to check for function permissions (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

Tom Lane writes:

> Peter Eisentraut <peter_e@gmx.net> writes:
> > Now I remembered the way SQL99 specifies
> > function resolution, which has the permission check before the function
> > resolution begins.
>
> That may be what the spec says, but I think the spec is completely
> brain-dead in this regard and should be ignored.

Why?

> We do not resolve table names that way, why should we resolve function
> names?

We do not resolve table names at all.

> Even more to the point, what happens when someone adds or revokes
> privileges that would affect already-planned queries?

The query plans are invalidated.

Note:  I'm not convinced of this idea either.  But proclaiming it
brain-dead isn't going to push me either way.  You could say Unix shells
are brain-dead, too, because they do the same thing.

-- 
Peter Eisentraut   peter_e@gmx.net

pgsql-hackers by date:

From: Peter Eisentraut
Date: 13 February 2002, 22:13:18
Subject: Re: NAMEDATALEN Changes

From: Tom Lane
Date: 13 February 2002, 22:52:48
Subject: Re: When and where to check for function permissions

Re: When and where to check for function permissions - Mailing list pgsql-hackers

Previous

Next