On 5/14/21 4:11 AM, Noah Misch wrote:
On Wed, Apr 14, 2021 at 10:25:08AM +0300, Ivan Ivanov wrote:
In Postgres we can create view with view owner privileges only. What’s the
reason that there is no option to create view with invoker privileges? Is
there any technical or security subtleties related to absence of this
feature?
The SQL standard calls for the owner privileges behavior, and nobody has
implemented an invoker privileges option. I know of no particular subtlety.
An SQL-language function can behave like an invoker-privileges view, but a
view would allow more optimizer freedom. It would be a good option to have.
+1
Joe
--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development
