Re: pl/pgsql enabled by default

Mike Mascari <mascarm@mascari.com> writes:

> 2. Issue a query like:
> 
> SELECT *
> FROM view_of_salaries_based_on_current_user
> WHERE my_side_effect_function_that_inserts_into_a_temp_table(salary, employee);

That's just exactly equivalent to


SELECT *  FROM (select *          from all_salaries         where user = CURRENT_USER      ) WHERE
malicious_function(salary,employee)


Hm. If you incorrectly mark your function as IMMUTABLE even though it has side
effects then the planner may indeed collapse this. Does the planner know it
can't collapse views if the underlying tables aren't accessible to the user?

-- 
greg