Heikki Linnakangas <heikki.linnakan...@enterprisedb.com> writes: > On 05.10.2010 21:08, Greg Stark wrote: >> If the users that have select access on the view don't have DDL access >> doesn't that make them leak-proof for those users?
> No. You can use built-in functions for leaking data as well. There's a difference between "can be used to extract data wholesale" and "can be used to probe for the existence of a specific value". We might need to start using more specific terminology than "leak". regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers