Chris Travers wrote:
> I am going to make another suggestion here. We should probably
> suggest that no reporting functions should run as security definer.
> This allows the same data to be accessed relationally as would be
> retrieved by the function.

I'd like to see the project go one step further and declare that no read-access functions should run as SECURITY DEFINER, only write-access functions. I can't think of any real-world example I've ever run into where column-level permission granularity couldn't solve this. (Well, except for really badly-designed databases that needed, effectively, row-level security!)

And there shouldn't be any functions that both read and write (I think).

-- 
-Adam Thompson
<[email protected]>
(204) 291-7950

_______________________________________________
Ledger-smb-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel
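The split proposed in this thread, sketched for PostgreSQL as an added example (it is not code from the thread or from LedgerSMB): the reporting function runs as SECURITY INVOKER behind a column-level grant, only the write function is SECURITY DEFINER, and a catalog query flags functions that break the rule. The `demo` schema, the `invoice` table, both roles and both functions are hypothetical, and the audit assumes read-only functions are declared STABLE or IMMUTABLE.

```sql
-- Added example; every schema, table, role and function name is hypothetical.
CREATE SCHEMA demo;
CREATE TABLE demo.invoice (
    id            serial PRIMARY KEY,
    customer      text    NOT NULL,
    amount        numeric NOT NULL,
    internal_memo text               -- must stay hidden from report users
);
CREATE ROLE report_reader NOLOGIN;
CREATE ROLE invoice_clerk NOLOGIN;
GRANT USAGE ON SCHEMA demo TO report_reader, invoice_clerk;

-- Read path: a column-level grant, so a direct SELECT and the reporting
-- function are held to exactly the same limit.
GRANT SELECT (id, customer, amount) ON demo.invoice TO report_reader;

CREATE FUNCTION demo.invoice_totals()
RETURNS TABLE (customer_name text, total numeric)
LANGUAGE sql STABLE SECURITY INVOKER        -- runs with the caller's rights
AS $$
    SELECT i.customer, sum(i.amount) FROM demo.invoice i GROUP BY i.customer
$$;

-- Write path: the only SECURITY DEFINER function. search_path is pinned so
-- objects in a caller-controlled schema cannot shadow the ones used here,
-- and EXECUTE is taken away from PUBLIC before being granted narrowly.
CREATE FUNCTION demo.invoice_add(p_customer text, p_amount numeric)
RETURNS integer
LANGUAGE sql VOLATILE SECURITY DEFINER
SET search_path = demo, pg_temp
AS $$
    INSERT INTO demo.invoice (customer, amount)
    VALUES (p_customer, p_amount) RETURNING id
$$;
REVOKE EXECUTE ON FUNCTION demo.invoice_add(text, numeric) FROM PUBLIC;
GRANT  EXECUTE ON FUNCTION demo.invoice_add(text, numeric) TO invoice_clerk;

-- Audit: SECURITY DEFINER functions that are declared read-only (not
-- volatile) or that do not pin search_path. Volatility is a heuristic:
-- a read-only function left at the default VOLATILE will not be flagged.
SELECT n.nspname, p.proname, p.provolatile, p.proconfig
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE p.prosecdef
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND (p.provolatile <> 'v'
       OR NOT EXISTS (SELECT 1 FROM unnest(p.proconfig) AS c
                      WHERE c LIKE 'search_path=%'));
```

With this setup the audit query returns no rows, and a `report_reader` session that selects `internal_memo` directly is refused with a permission error.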
