What should be the permissions required to create a cast?
Currently, it's approximately first come, first serve. You probably need
to have execute privilege on the function, but that is the least concern.
With no permissions required on either the source or the target type, it's
easy to boobytrap the entire system by creating bogus casting functions.
Given the current granularity of the permissions on data types we'd need
to require the user to own both the source and the target type, which
would make the entire effort quite useless.
Even if we had a "usage" privilege on types, I'm not sure if that would be
appropriate, because creating a cast function is really more than usage --
it affects how the type behaves.
So I'm afraid this might even need to be a separate privilege altogether.
SQL99 effectively says that you must own the source type, the target type,
and the cast function, unless a type is not "user-defined", which is a
distinction we don't make.
Comments?
--
Peter Eisentraut peter_e@gmx.net
