* Tom Lane (t...@sss.pgh.pa.us) wrote: > (In other words, it's not that hard to build > a "RUN AS other-user" feature into a C function, even without any support > from the rest of the system.)
I was considering this and a bit concerned about what would happen if the C function actually did this and if we'd clean things up properly at the end or if the function would be required to handle that clean-up (if it was written as SECUURITY INVOKER, which is what's being suggested here)... In general, I'd certainly rather have the database handle that cleanly and consistently than expect my function to clean up after itself. Alvaro's point about the discussion of a stack of roles is certainly something else to consider, though I feel that the 'run-as' option is pretty straight-forward and could be done more-or-less identically to how we do secuirty definer now, it's just changing where we get the role to change to before running the function. Thanks, Stephen
signature.asc
Description: Digital signature