Re: [HACKERS] Table permissions problem
From | Bruce Momjian |
---|---|
Subject | Re: [HACKERS] Table permissions problem |
Date | |
Msg-id | 199808131136.HAA08446@candle.pha.pa.us |
In reply to | Re: [HACKERS] Table permissions problem (jwieck@debis.com (Jan Wieck)) |
Replies | Re: [HACKERS] Table permissions problem |
List | pgsql-hackers |
> > Remember some tables are shared with all databases. Makes things more
> > difficult.
>
> And that's why I suggested a uid/euid model over functions,
> triggers and views, where the permission checks are done
> against the function/view owner instead of the current user.
> If nobody reverted things, this is already done for views
> (pg_user vs pg_shadow). The ACL checks are done during the
> rewrite.
>
> So CREATE VIEW or CREATE RULE could eventually use some trick
> to get around the restrictions on pg_rewrite but ensure that
> the rule owner is the one creating it. Pg_rewrite itself must
> be protected, otherwise a user could change the ownership of
> a view and get around access restrictions.

Couldn't we do some permission checks on tables at runtime from the
rewrite system ONLY when a table is being added or UPDATE is added to
SELECT, etc? Would that solve the problem? Maybe not because you would
have to rip apart the plan, wouldn't you?

--
Bruce Momjian | 830 Blythe Avenue
maillist@candle.pha.pa.us | Drexel Hill, Pennsylvania 19026
+ If your life is a hard drive, | (610) 353-9879(w)
+ Christ can be your backup. | (610) 853-3000(h)