Re: [SQL] Controlling access to Sequences

2003-02-01 Thread Ross J. Reedstrom
On Sat, Feb 01, 2003 at 12:39:50AM -0600, Bruno Wolff III wrote: > On Fri, Jan 31, 2003 at 23:47:27 +1100, > Matthew Horoschun <[EMAIL PROTECTED]> wrote: > > > > Is there any effective method for controlling access to a SEQUENCE? or > > should I do something like in the view: > > You can limit

Re: [SQL] Controlling access to Sequences

2003-01-31 Thread Bruno Wolff III
On Fri, Jan 31, 2003 at 23:47:27 +1100, Matthew Horoschun <[EMAIL PROTECTED]> wrote: > Hi All, > > I'm implementing a system where I need to be reasonably careful about > security. One thing that worries me is SEQUENCES. > > My understanding is that I need to GRANT the UPDATE privilege on the

Re: [SQL] Controlling access to Sequences

2003-01-31 Thread Stephan Szabo
On Sat, 1 Feb 2003, Matthew Horoschun wrote: > > On Saturday, February 1, 2003, at 03:43 PM, Tom Lane wrote: > > > Matthew Horoschun <[EMAIL PROTECTED]> writes: > >> Should I just avoid SEQUENCES altogether and use the OIDs under normal > >> circumstances and the MAX( id ) + 1 style thing when I

Re: [SQL] Controlling access to Sequences

2003-01-31 Thread Matthew Horoschun
On Saturday, February 1, 2003, at 03:43 PM, Tom Lane wrote: Matthew Horoschun <[EMAIL PROTECTED]> writes: Should I just avoid SEQUENCES altogether and use the OIDs under normal circumstances and the MAX( id ) + 1 style thing when I need a human-usable number? I don't think so. MAX()+1 has m

Re: [SQL] Controlling access to Sequences

2003-01-31 Thread Tom Lane
Matthew Horoschun <[EMAIL PROTECTED]> writes: > Should I just avoid SEQUENCES altogether and use the OIDs under normal > circumstances and the MAX( id ) + 1 style thing when I need a > human-usable number? I don't think so. MAX()+1 has more than enough problems of its own. The real bottom line

Re: [SQL] Controlling access to Sequences

2003-01-31 Thread Matthew Horoschun
Hi Tom, Thanks for the response. On Saturday, February 1, 2003, at 03:09 PM, Tom Lane wrote: Matthew Horoschun <[EMAIL PROTECTED]> writes: My understanding is that I need to GRANT the UPDATE privilege on the SEQUENCE if I want a user to be able to to use nextval() on it. The trouble is, if th

Re: [SQL] Controlling access to Sequences

2003-01-31 Thread Tom Lane
Matthew Horoschun <[EMAIL PROTECTED]> writes: > My understanding is that I need to GRANT the UPDATE privilege on the > SEQUENCE if I want a user to be able to to use nextval() on it. The > trouble is, if they can do a nextval() they can also do a setval() So? With enough time on your hands, yo

[SQL] Controlling access to Sequences

2003-01-31 Thread Matthew Horoschun
Hi All, I'm implementing a system where I need to be reasonably careful about security. One thing that worries me is SEQUENCES. My understanding is that I need to GRANT the UPDATE privilege on the SEQUENCE if I want a user to be able to to use nextval() on it. The trouble is, if they can do a