Tom Lane wrote: > Bruce Momjian <[EMAIL PROTECTED]> writes: > > Someone asked me a question about view and function permissions. I > > assumed all object access done by a view would be based on the > > permissions on the view, and not the permissions of the objects. > > Table references are checked according to the owner of the view, but use > in a view does not change the execution context for function or operator > calls. This is how it's always been done. > > > Is this a bug? > > Changing it would be a major definitional change (and a pretty major > implementation change too). It might be better, but please don't > pre-judge the issue by labeling it a bug.
Well, it sure sounds like a bug. What logic is there that table access use the view permissions, but not function access? Could we just use SECURITY DEFINER for function calls in views? -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 8: explain analyze is your friend
