Re: Security leak with trigger functions?

From: Josh Berkus
Subject: Re: Security leak with trigger functions?
Msg-id: 200612141212.24521.josh@agliodbs.com
In reply to: Re: Security leak with trigger functions?  (Peter Eisentraut <peter_e@gmx.net>)
Responses: Re: Security leak with trigger functions?  (Tom Lane <tgl@sss.pgh.pa.us>)
List: pgsql-hackers

Peter,

> PostgreSQL only allows a trigger action of "call this function", so in
> the SQL standard context that would mean we'd need to check the EXECUTE
> privilege of the owner of the trigger.  The trick is figuring out who
> the owner is.  If it's the owner of the table, then TRIGGER privilege
> is effectively total control over the owner of the table.  If it's
> whoever created the trigger, it might be useful, but I don't see how
> that is compatible with the intent of the SQL standard.

If that's the case, then a separate TRIGGER privilege would seem to be 
superfluous.

One thing to think about, though; our model allows granting ALTER 
privilege on a table to roles other than the table owner.  It would seem 
kind of inconsistent to be able to grant non-owner roles the ability to 
drop a column, but restrict only the owner to adding a trigger.  For one 
thing, if you have a non-owner role which has ALTER permission and wants 
to add an FK, how would that work?

-- 
--Josh

Josh Berkus
PostgreSQL @ Sun
San Francisco
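
An audit sketch for the question this thread raises, added here as an example and not part of the original message or of the PostgreSQL sources: the first query lists roles other than the table owner that hold the TRIGGER privilege, and the second lists user-defined triggers together with the owner of the function each one calls. It assumes PostgreSQL 9.3 or later (for `LATERAL`) and uses only the system catalogs and the built-in `aclexplode()` function.

```sql
-- Added example (assumes PostgreSQL 9.3+). Read-only catalog queries.

-- 1. Non-owner roles that have been granted TRIGGER on a relation.
--    Relations with a NULL relacl carry only default privileges and
--    therefore produce no rows here.
SELECT n.nspname                   AS schema_name,
       c.relname                   AS relation_name,
       pg_get_userbyid(c.relowner) AS relation_owner,
       CASE WHEN a.grantee = 0 THEN 'PUBLIC'
            ELSE pg_get_userbyid(a.grantee)
       END                         AS grantee,
       a.is_grantable
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
CROSS JOIN LATERAL aclexplode(c.relacl) AS a
WHERE c.relkind IN ('r', 'p', 'v', 'f')   -- tables, partitioned tables, views, foreign tables
  AND a.privilege_type = 'TRIGGER'
  AND a.grantee <> c.relowner
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
ORDER BY schema_name, relation_name, grantee;

-- 2. User-defined triggers, the function each one calls, and whether the
--    function owner differs from the table owner or runs SECURITY DEFINER.
SELECT t.tgrelid::regclass          AS relation_name,
       pg_get_userbyid(c.relowner)  AS relation_owner,
       t.tgname                     AS trigger_name,
       p.oid::regprocedure          AS trigger_function,
       pg_get_userbyid(p.proowner)  AS function_owner,
       p.prosecdef                  AS security_definer,
       (p.proowner <> c.relowner)   AS owner_mismatch
FROM pg_trigger t
JOIN pg_class c ON c.oid = t.tgrelid
JOIN pg_proc  p ON p.oid = t.tgfoid
WHERE NOT t.tgisinternal               -- skip constraint/FK triggers created by the system
ORDER BY relation_name, trigger_name;
```

Rows from the first query, and rows from the second where `owner_mismatch` is true, are the cases to review against the privilege model debated in this thread.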


