Re: [GENERAL] What user to defaults execute as?

The problem is that the more complex you make things, the easier it is
to make a mistake. That's why I like our simpler model unless there is
a glaring problem with it.

---------------------------------------------------------------------------

Bruno Wolff III wrote:
> On Fri, Nov 01, 2002 at 21:35:40 -0500,
> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> wrote:
> >
> > I think we open up more security problems by having the inserter doing
> > things as the owner of the table.
>
> With triggers it is a bit hard to decide. Since people other than the
> table owner can create them, but then they effectively belong to the
> table owner. I think that makes having them execute as the table
> owner reasonable. The table owner is taking his chances by letting
> other people create triggers on his table.
>
> For constraints and default expressions I don't see any problems for
> having them execute as the table owner. This provides a small advantage
> in providing limited update ability for sequences, that would otherwise
> require creating a function to achieve.
>
> As long as people realize that when they insert, update or delete from
> a table owned by someone else they need to trust that person it probably
> isn't a big deal. The descriptions of triggers hint at this but from
> a different perspective (that of a table owner letting people create
> triggers on his table) and people might not make the connection (assuming
> they even read about triggers).
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo(at)postgresql(dot)org so that your
> message can get through to the mailing list cleanly
>

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073