| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [GENERAL] What user to defaults execute as? |
| Date: | 2002-11-02 16:28:23 |
| Message-ID: | 20021102162823.GA6072@wolff.to |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
On Sat, Nov 02, 2002 at 01:01:11 -0500,
Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
> The example of a serial column (DEFAULT nextval('foo_seq')) seems
> compelling. You do not really want to grant general-purpose UPDATE
> rights on foo_seq to everyone you might allow to INSERT into your
> table.
If it is difficult to add setuid to defaults and constraints, a table owner
can handle nextval without too much trouble. He can to create a setuid
function that runs nextval.
I had thought since rules and functions could run as another user, that
it might be easy to do something similar for defaults, constraints and
triggers. While I think that running these as the table owner is more
logical and safer, I don't think the mutual trust situation will come
up that much in practice so as to make this a high priority item, even
if you aggree that it is a problem.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Patnude | 2002-11-02 17:08:06 | Re: Inserting streamed data |
| Previous Message | Tom Lane | 2002-11-02 15:24:54 | Re: Can't import databases with pg_dump. Why? |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ulrich Neumann | 2002-11-02 16:48:39 | Patch for NetWare support of client tools |
| Previous Message | Tom Lane | 2002-11-02 15:14:20 | Re: [GENERAL] What user to defaults execute as? |