Re: setuid for defaults, constraints and triggers (Was:
От | Rod Taylor |
---|---|
Тема | Re: setuid for defaults, constraints and triggers (Was: |
Дата | |
Msg-id | 1036077449.94263.13.camel@jester обсуждение исходный текст |
Ответ на | setuid for defaults, constraints and triggers (Was: What user to [sic] defaults execute as?) (Bruno Wolff III <bruno@wolff.to>) |
Ответы |
Re: setuid for defaults, constraints and triggers (Was: What user to [sic] defaults execute as?)
|
Список | pgsql-hackers |
On Thu, 2002-10-31 at 09:54, Bruno Wolff III wrote: > Constraints also run as the user modifying a table instead of the table > owner. > Again I don't see a good reason to want to execute constraints as the > user modifying a table. But I do think there can be reasons to want to > execute them as the table owner. > > To summarize, my suggestion for change is: > > Execute default expressions and constraints as the owner of the table. > Execute triggers as the owner of the trigger. Can't necessarily run them as the table owner, as it may give information to other users with the ability to ALTER that table. However, I can see a good argument to allowing running the constraints as the user who created the constraint. This means would require tracking of constraint ownership. -- Rod Taylor
В списке pgsql-hackers по дате отправления: