On fre, 2009-10-30 at 00:49 -0400, Tom Lane wrote:
> Peter Eisentraut <peter_e@gmx.net> writes:
> > There is a gap in the permission scheme for inheritance setups. Say you
> > have this:
>
> > CREATE TABLE persons (...);
> > CREATE TABLE employees (...) INHERITS (persons);
>
> > GRANT SELECT ON persons TO foo;
>
> > Then user foo can extract who the employees are using
>
> > SELECT * FROM persons EXCEPT SELECT * FROM ONLY persons;
>
> And this is a problem why exactly? It's entirely likely that
> employee-ness can be determined just from what is visible in
> the persons view, anyway. Not to mention tableoid.
Yeah, tableoid is a deal-breaker. But perhaps using ONLY should at
least require SELECT privilege, because it effectively allows you to
select a subset of the table's rows.