On 10/27/14 7:27 AM, Stephen Frost wrote: > * Peter Eisentraut (pete...@gmx.net) wrote: >> On 10/16/14 12:01 PM, Stephen Frost wrote: >>> This started out as a request for a non-superuser to be able to review >>> the log files without needing access to the server. >> >> I think that can be done with a security-definer function. > > Of course it can be. We could replace the entire authorization system > with security definer functions too.
I don't think that is correct. It's easy to do something with security definer functions if it's single purpose, with a single argument, like load this file into this table, let these users do it. It's not easy to do it with functions if you have many parameters, like in a general SELECT statement. So I would like to see at least three wildly different use cases for this before believing that a security definer function isn't appropriate. > I don't view this as an argument > against this feature, particularly as we know other systems have it, > users have asked for multiple times, and large PG deployments have had > to hack around our lack of it. What other systems have it? Do you have links to their documentation? -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
