| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>, Bernd Helmle <mailings(at)oopsware(dot)de> |
| Subject: | Re: [COMMITTERS] pgsql: Automatic view update rules Bernd Helmle |
| Date: | 2009-01-27 15:19:28 |
| Message-ID: | 14725.1233069568@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers pgsql-hackers |
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> On Saturday 24 January 2009 02:17:13 Tom Lane wrote:
>> 2. You don't want those rules, so you delete them, leaving you with the
>> traditional behavior where attempted inserts etc on the view fail.
> This was never meant to be supported. If you don't want updates on the rules
> to succeed, don't grant privileges.
If we'd had the SQL-spec behavior from day one, it wouldn't be a
problem, but you can't just blow off the old behavior like that.
It's a potential security hole, since GRANT ALL on a view used to
be de facto the same as GRANT SELECT, if you hadn't bothered to
create any rules.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-01-27 15:27:00 | Re: pgsql: Silence compiler warning on win32. |
| Previous Message | Robert Haas | 2009-01-27 15:18:10 | Re: [COMMITTERS] pgsql: Automatic view update rules Bernd Helmle |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joshua Brindle | 2009-01-27 15:20:10 | Re: 8.4 release planning |
| Previous Message | Robert Haas | 2009-01-27 15:18:10 | Re: [COMMITTERS] pgsql: Automatic view update rules Bernd Helmle |