| From: | Alex Pilosov <alex(at)pilosoft(dot)com> |
|---|---|
| To: | Martín Marqués <martin(at)bugs(dot)unl(dot)edu(dot)ar> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: [HACKERS] something smells bad |
| Date: | 2001-06-06 23:27:50 |
| Message-ID: | Pine.BSO.4.10.10106061912480.9744-100000@spider.pilosoft.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
On Wed, 6 Jun 2001, [iso-8859-1] Martn Marqus wrote:
> OK, now I'm more then astonished!
> Why was I able to insert as martin then?
> Isn't it true (as the docs say) that when I execute a query over a view with
> rules, the rules (querys in the DO of the RULE) are executed with permssions
> of the owner of the rule (or the view? Any way, martin is owner of both) and
> not of the user that executed the query?
No. With both views and rules, the actions are executed as the user who
executed the query. I don't know if there are plans to allow the 'execute
as owner' for rules, right now this option only exists for the triggers.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Steve Micallef | 2001-06-06 23:55:35 | Skipping duplicate records? |
| Previous Message | Len Morgan | 2001-06-06 23:19:24 | Re: "trigger"ing a procedure every X minutes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2001-06-07 00:08:03 | Re: Re: [HACKERS] Outstanding patches |
| Previous Message | Robert Forsman | 2001-06-06 22:45:34 | Re: Daily Digest V1 #1428 |