> > Jon, > > > I always put security definer as I really think that should be the > > default behavior. Anyway, your function should run faster. > > That's not a real good idea. A security definer function is like an SUID > shell script; only to be used with great care. >
You'll have to explain to Oracle and their customers that Oracle's security model is not a great idea then. <soapbox> Executing a function should never require privileges on the underlying objects referenced in it. The function should always run with the rights of the owner of the function, not the user executing it. </soapbox> Jon ---------------------------(end of broadcast)--------------------------- TIP 9: In versions below 8.0, the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match