| From: | Rod Taylor <rbt(at)rbt(dot)ca> |
|---|---|
| To: | Bruno Wolff III <bruno(at)wolff(dot)to> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: setuid for defaults, constraints and triggers (Was: |
| Date: | 2002-10-31 15:17:26 |
| Message-ID: | 1036077449.94263.13.camel@jester |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
On Thu, 2002-10-31 at 09:54, Bruno Wolff III wrote:
> Constraints also run as the user modifying a table instead of the table
> owner.
> Again I don't see a good reason to want to execute constraints as the
> user modifying a table. But I do think there can be reasons to want to
> execute them as the table owner.
>
> To summarize, my suggestion for change is:
>
> Execute default expressions and constraints as the owner of the table.
> Execute triggers as the owner of the trigger.
Can't necessarily run them as the table owner, as it may give
information to other users with the ability to ALTER that table.
However, I can see a good argument to allowing running the constraints
as the user who created the constraint. This means would require
tracking of constraint ownership.
--
Rod Taylor
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruno Wolff III | 2002-10-31 15:33:59 | Re: setuid for defaults, constraints and triggers (Was: What user to [sic] defaults execute as?) |
| Previous Message | Shridhar Daithankar | 2002-10-31 15:13:12 | Re: handling 20,000 connection? |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruno Wolff III | 2002-10-31 15:33:59 | Re: setuid for defaults, constraints and triggers (Was: What user to [sic] defaults execute as?) |
| Previous Message | Bruno Wolff III | 2002-10-31 14:54:02 | setuid for defaults, constraints and triggers (Was: What user to [sic] defaults execute as?) |