On 2/22/17 2:51 AM, Pavel Stehule wrote:
> The solution based on rights is elegant, but in this moment I cannot to
> see all possible impacts on performance - because it means new check for
> any call of any function. Maybe checking call stack can be good enough -
> I have not idea how often use case it it.
I think the simple solution to that is not to use proacl for this
purpose but to add an oidvector to pg_proc that is a list of allowed
callers. If the vector is kept sorted then it's a simple binary search.
BTW, I agree that this feature would be useful, as would PRIVATE, but
they're two separate features.
--
Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX
Experts in Analytics, Data Architecture and PostgreSQL
Data in Trouble? Get it in Treble! http://BlueTreble.com
855-TREBLE2 (855-873-2532)
