Andrzej Mazurkiewicz <andr...@mazurkiewicz.org> writes:
>> So in other words, somebody could (accidentally or maliciously) break the
>> constraint by dropping one of its implementation triggers. I doubt that's
>> acceptable.
> The present postgres behavior ALLOWS accidental or malicious break the
> constraint by dropping one of its implementation triggers. Please ref. to the
> following example.
> The following script has been run by the postgres user.
Well, right there you lost me, because superusers are exempt from all
permissions checks by definition; and in particular, direct manipulations
of the system catalogs by superusers are always out of scope for
discussions of what the system should try to protect itself against.
(Try "delete from pg_proc;" in a scratch database sometime.)
My point is that without the internal dependency, a normal user could do
standard SQL commands (ie DROP TRIGGER) and break the FK that way.
That's the case that's not acceptable.
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
