Re: Wrong security context for deferred triggers?

Поиск
Список
Период
Сортировка
От Nico Williams
Тема Re: Wrong security context for deferred triggers?
Дата
Msg-id Z/6GbqRYBLrkCWR7@ubby
обсуждение исходный текст
Ответ на Wrong security context for deferred triggers?  (Laurenz Albe <laurenz.albe@cybertec.at>)
Список pgsql-hackers
On Mon, Nov 06, 2023 at 02:23:04PM +0100, Laurenz Albe wrote:
>  SET CONSTRAINTS ALL DEFERRED;

Some years ago I wrote and submitted a patch to allow one to create
constraints that are ALWAYS DEFERRED so that they cannot be made
IMMEDIATE with SET CONSTRAINTS ALL IMMEDIATE.  I do think that one could
use SET CONSTRAINTS ALL ... to defeat [poorly-coded, perhaps] security
measures taken by triggers.

An example of where one might want triggers that are always deferred
would be a ledger application requiring double-entry, where one might
use deferred triggers to check that all debits have matching credits at
commit-time.

Nico
-- 



В списке pgsql-hackers по дате отправления: