Tom Lane wrote:
Since the tables you need to touch are all shared, it's conceivable
that
this could be hacked around, but it seems awfully messy. Another
consideration is that this'd significantly increase the amount of work
done before validating that the connection request is authorized,
Yah, I thought the chicken-and-egg issue might be the nub of it - it
sure feels more secure to avoid accessing any tables at all 'til you
know what kind of access the user has.
- John Burger
MITRE
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
