On Tue, Jun 1, 2010 at 4:57 PM, Robert Haas <robertmh...@gmail.com> wrote: > On Tue, Jun 1, 2010 at 4:10 PM, Merlin Moncure <mmonc...@gmail.com> wrote: >> have you ruled out: 'create function'? :-) > > You lost me...
Well, as noted by the OP, using views for security in postgres is simply wishful thinking. This is part of a family of issues (generally not evil nor fixable) under the category of 'there is no real control over when functions in a query fire'. My point was that in cases where users expect this behavior, why not encourage them to use functions instead of views? Is there any formal expectation that views can be used to hide data in this way? Does this really have to be fixed, and if so should it be in light of the fact that our rule system is basically understood to be broken? merlin -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
