| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Bruno Wolff III <bruno(at)wolff(dot)to>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [GENERAL] What user to defaults execute as? |
| Date: | 2002-11-02 15:14:20 |
| Message-ID: | 21202.1036250060@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
I said:
> And I have not yet been able to think of a concrete case where the
> existing behavior (execute as calling user) is better.
Okay, I've thought of one: consider the situation where you want to
label each row in a table with the ID of the user who inserted it.
Right now, you can do
...,
who name default current_user,
...
or for greater security use a trigger to set the column value.
This will stop working if defaults and triggers run as the table
owner. (You could maybe use session_user instead, but it's not
clear that that's the right thing if the user is calling setuid
functions that do things on his behalf.)
However this is only one example; I still think Bruno's got a good
argument.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2002-11-02 15:24:54 | Re: Can't import databases with pg_dump. Why? |
| Previous Message | Doug McNaught | 2002-11-02 15:09:28 | Re: Can't import databases with pg_dump. Why? |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruno Wolff III | 2002-11-02 16:28:23 | Re: [GENERAL] What user to defaults execute as? |
| Previous Message | Tom Lane | 2002-11-02 15:06:35 | Re: move 0 behaviour |