| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>, Bernd Helmle <mailings(at)oopsware(dot)de> |
| Subject: | Re: [COMMITTERS] pgsql: Automatic view update rules Bernd Helmle |
| Date: | 2009-01-27 20:36:01 |
| Message-ID: | 22977.1233088561@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers pgsql-hackers |
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> On Tuesday 27 January 2009 17:19:28 Tom Lane wrote:
>> It's a potential security hole, since GRANT ALL on a view used to
>> be de facto the same as GRANT SELECT, if you hadn't bothered to
>> create any rules.
> That is a good point. But the only clean solution would be to make views
> never updatable by default, and invent a nonstandard syntax to make them so,
> which seems very unattractive to me. A GUC variable as a transition measure
> could work, though.
Yeah, I tend to prefer the GUC approach over nonstandard syntax too.
We'd need a GUC anyway to determine the default behavior if no
nonstandard clause appeared; so we might as well just do that and not
bother with the syntax options.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jaime Casanova | 2009-01-27 21:23:09 | Re: [COMMITTERS] pgsql: Automatic view update rules Bernd Helmle |
| Previous Message | Peter Eisentraut | 2009-01-27 20:24:18 | Re: [COMMITTERS] pgsql: Automatic view update rules Bernd Helmle |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2009-01-27 20:36:39 | Re: 8.4 release planning |
| Previous Message | Joshua Brindle | 2009-01-27 20:34:17 | Re: 8.4 release planning |