Re: View invoker privileges

On 5/14/21 4:11 AM, Noah Misch wrote:
> On Wed, Apr 14, 2021 at 10:25:08AM +0300, Ivan Ivanov wrote:
>> In Postgres we can create view with view owner privileges only. What’s the
>> reason that there is no option to create view with invoker privileges? Is
>> there any technical or security subtleties related to absence of this
>> feature?
> 
> The SQL standard calls for the owner privileges behavior, and nobody has
> implemented an invoker privileges option.  I know of no particular subtlety.
> An SQL-language function can behave like an invoker-privileges view, but a
> view would allow more optimizer freedom.  It would be a good option to have.

+1

Joe

-- 
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development