On Thu, Oct 14, 2021 at 3:02 PM Jeff Davis <pg...@j-davis.com> wrote: > How do you feel about at least allowing the functions to execute (and > if it's SECURITY INVOKER, possibly encountering a permissions failure > during execution)?
I think we'd at least need to check that the view owner has execute permission on the function. I'm not sure whether there are any other gotchas. > There are of course security implications with any change like that, > but it seems like a fairly minor one unless I'm missing something. Why > would an admin give someone the privileges to read a view if it will > always fail due to lack of execute privilege? An excellent question. -- Robert Haas EDB: http://www.enterprisedb.com
