Re: Controlling access to Sequences

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Matthew Horoschun <mhoroschun(at)canprint(dot)com(dot)au>
Cc: pgsql-sql(at)postgresql(dot)org
Subject: Re: Controlling access to Sequences
Date: 2003-02-01 04:43:22
Message-ID: 4328.1044074602@sss.pgh.pa.us
Lists: pgsql-sql

Matthew Horoschun <mhoroschun(at)canprint(dot)com(dot)au> writes:
> Should I just avoid SEQUENCES altogether and use the OIDs under normal
> circumstances and the MAX( id ) + 1 style thing when I need a
> human-usable number?

I don't think so. MAX()+1 has more than enough problems of its own.

The real bottom line here is that you should not allow untrustworthy
users any sort of direct access to SQL commands of any kind. They
should only be allowed access to an application that issues suitably
restricted SQL commands on their behalf.

regards, tom lane
