Quick Links

Re: View invoker privileges

From:	Noah Misch <noah(at)leadboat(dot)com>
To:	Ivan Ivanov <m7onov(at)gmail(dot)com>
Cc:	pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject:	Re: View invoker privileges
Date:	2021-05-14 08:11:31
Message-ID:	20210514081131.GA2913841@rfd.leadboat.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Wed, Apr 14, 2021 at 10:25:08AM +0300, Ivan Ivanov wrote:
> In Postgres we can create view with view owner privileges only. What’s the
> reason that there is no option to create view with invoker privileges? Is
> there any technical or security subtleties related to absence of this
> feature?

The SQL standard calls for the owner privileges behavior, and nobody has
implemented an invoker privileges option. I know of no particular subtlety.
An SQL-language function can behave like an invoker-privileges view, but a
view would allow more optimizer freedom. It would be a good option to have.

In response to

View invoker privileges at 2021-04-14 07:25:08 from Ivan Ivanov

Responses

Re: View invoker privileges at 2021-05-14 13:54:26 from Joe Conway

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Pavel Borisov	2021-05-14 08:21:28	Re: OOM in spgist insert
Previous Message	Etsuro Fujita	2021-05-14 08:05:28	Re: naming of async_mode parameter