Re: Security leak with trigger functions?

From Peter Eisentraut
Subject Re: Security leak with trigger functions?
Date
Msg-id 18cf4bff-0a1c-38de-e0c1-b8d16fb3c602@2ndquadrant.com
In reply to Re: Security leak with trigger functions?  (Chapman Flack <chap@anastigmatix.net>)
List pgsql-hackers
On 1/22/18 16:04, Chapman Flack wrote:
>> PostgreSQL only allows a trigger action of "call this function", so in 
>> the SQL standard context that would mean we'd need to check the EXECUTE 
>> privilege of the owner of the trigger.  The trick is figuring out who 
>> the owner is.  If it's the owner of the table, then TRIGGER privilege 
>> is effectively total control over the owner of the table.  If it's 
>> whoever created the trigger, it might be useful, but I don't see how 
>> that is compatible with the intent of the SQL standard.
> 
> Hmm, it's been not quite a dozen years, have there been later threads
> that followed up on this discussion?

No, I don't think anything has changed here.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

