Peter Eisentraut <peter_e@gmx.net> writes:
> On fre, 2009-10-30 at 00:49 -0400, Tom Lane wrote:
>> And this is a problem why exactly? It's entirely likely that
>> employee-ness can be determined just from what is visible in
>> the persons view, anyway. Not to mention tableoid.
> Yeah, tableoid is a deal-breaker. But perhaps using ONLY should at
> least require SELECT privilege, because it effectively allows you to
> select a subset of the table's rows.
By that argument, WHERE clauses are a security hazard. It's still
not apparent to me why it would be essential, or even a good idea,
to prevent people from figuring out which rows belong to which
subtable.
Or do you mean that ONLY should be treated as requiring column
select privilege on TABLEOID? Perhaps that's sensible.
regards, tom lane