Re: [GENERAL] What user to defaults execute as?
| От | Bruno Wolff III |
|---|---|
| Тема | Re: [GENERAL] What user to defaults execute as? |
| Дата | |
| Msg-id | 20021102162823.GA6072@wolff.to обсуждение исходный текст |
| Ответ на | Re: [GENERAL] What user to defaults execute as? (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
On Sat, Nov 02, 2002 at 01:01:11 -0500, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> The example of a serial column (DEFAULT nextval('foo_seq')) seems
> compelling. You do not really want to grant general-purpose UPDATE
> rights on foo_seq to everyone you might allow to INSERT into your
> table.
If it is difficult to add setuid to defaults and constraints, a table owner
can handle nextval without too much trouble. He can to create a setuid
function that runs nextval.
I had thought since rules and functions could run as another user, that
it might be easy to do something similar for defaults, constraints and
triggers. While I think that running these as the table owner is more
logical and safer, I don't think the mutual trust situation will come
up that much in practice so as to make this a high priority item, even
if you aggree that it is a problem.
В списке pgsql-hackers по дате отправления: