Andrew Sullivan <ajs@crankycanuck.ca> writes:
> Hmm; this may be exactly part of the problem, though. It seems there are
> two possible cases in play:
> 1. Protect the content in the database (in this case, function bodies)
> from _all_ users on a given server. This is a case where you want to
> protect (say) your function body from your users, because you have a
> closed-source application.
> 2. Protect the content of a field from _some_ users on a given system,
> based on the permissions they hold. This is roughly analagous to others not
> being able to look in the table I created, because I haven't GRANTed them
> permission.
I would argue that (2) is reasonably well served today by setting up
separate databases for separate users. The people who are complaining
seem to want to send out a set of functions into a hostile environment,
which is surely case (1).
regards, tom lane