Re: Questions and experiences writing a Foreign Data Wrapper
| От | Robert Haas |
|---|---|
| Тема | Re: Questions and experiences writing a Foreign Data Wrapper |
| Дата | |
| Msg-id | CA+TgmoZ3FAuEck7dG8LNeOn4jrKn1upsK2pp7mqOw7TPBRToNQ@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Questions and experiences writing a Foreign Data Wrapper (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Questions and experiences writing a Foreign Data Wrapper
|
| Список | pgsql-hackers |
On Fri, Jul 22, 2011 at 12:02 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > Robert Haas <robertmhaas@gmail.com> writes: >> On Fri, Jul 22, 2011 at 10:01 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote: >>> I am not, however, convinced that that's a legitimate reading of the SQL >>> spec. Surely user mappings are meant to constrain which users can >>> connect to a given foreign server. > >> Surely that's the job for the table's ACL, no? > > No, a table ACL constrains access to a table. Different issue. > > In particular I find the following in SQL-MED:2008 4.14.1: > > NOTE 9 - Privileges granted on foreign tables are not privileges to use > the data constituting foreign tables, but privileges to use the > definitions of the foreign tables. The privileges to access the data > constituting the foreign tables are enforced by the foreign server, > based on the user mapping. Consequently, a request by an SQL-client to > access external data may raise exceptions. I read that to mean that the remote side might chuck an error depending on the credentials used to connect. I don't read it to be saying that the local side is required to do anything in particular. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
В списке pgsql-hackers по дате отправления: