Re: policies with security definer option for allowing inline optimization

From: Chapman Flack <chap(at)anastigmatix(dot)net>
To: Isaac Morland <isaac(dot)morland(at)gmail(dot)com>, Dan Lynch <pyramation(at)gmail(dot)com>
Cc: PostgreSQL Developers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: policies with security definer option for allowing inline optimization
Date: 2021-04-02 13:44:39
Message-ID: 60671FC7.4050509@anastigmatix.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On 04/02/21 09:09, Isaac Morland wrote:
> If we're going to do this we should do the same for triggers as well.
>
> ... it's easy to imagine a situation in which a trigger needs to
> write to another table which should not be accessible to the role using the
> table which has the trigger.

Triggers seem to be an area of long-standing weirdness[1].

Regards,
-Chap

[1]
https://www.postgresql.org/message-id/b1be2d05-b9fd-b9db-ea7f-38253e4e4bab%40anastigmatix.net

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Alvaro Herrera 2021-04-02 13:52:18 Re: libpq debug log
Previous Message Stephen Frost 2021-04-02 13:30:16 Re: policies with security definer option for allowing inline optimization