Quick Links

Re: Controlling access to Sequences

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Matthew Horoschun <mhoroschun(at)canprint(dot)com(dot)au>
Cc:	pgsql-sql(at)postgresql(dot)org
Subject:	Re: Controlling access to Sequences
Date:	2003-02-01 04:09:31
Message-ID:	4109.1044072571@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-sql

Matthew Horoschun <mhoroschun(at)canprint(dot)com(dot)au> writes:
> My understanding is that I need to GRANT the UPDATE privilege on the
> SEQUENCE if I want a user to be able to to use nextval() on it. The
> trouble is, if they can do a nextval() they can also do a setval()

So? With enough time on your hands, you can apply nextval() often
enough to get from any point A to any point B. It seems illusory
to think that forbidding setval() makes things more secure.

regards, tom lane

In response to

Controlling access to Sequences at 2003-01-31 12:47:27 from Matthew Horoschun

Responses

Re: Controlling access to Sequences at 2003-02-01 04:28:00 from Matthew Horoschun

Browse pgsql-sql by date

	From	Date	Subject
Next Message	Matthew Horoschun	2003-02-01 04:28:00	Re: Controlling access to Sequences
Previous Message	Andrew J. Kopciuch	2003-02-01 02:36:17	Re: [SQL] For each record in SELECT