On Wed, Apr 14, 2021 at 10:25:08AM +0300, Ivan Ivanov wrote: > In Postgres we can create view with view owner privileges only. What’s the > reason that there is no option to create view with invoker privileges? Is > there any technical or security subtleties related to absence of this > feature?
The SQL standard calls for the owner privileges behavior, and nobody has implemented an invoker privileges option. I know of no particular subtlety. An SQL-language function can behave like an invoker-privileges view, but a view would allow more optimizer freedom. It would be a good option to have.
