* Greg Stark (gsst...@mit.edu) wrote: > Also incidentally I'm having trouble imagining a scenario where this > really matters. For it to be an issue you would have to simultaneously > have a user which can't access all the data and must go through views > which limit the data he can access -- and has privileges to issue DDL > to create functions and operators. That seems like an unlikely > combination. I've seen views used before to restrict the role accounts > used by front-end applications but those accounts have no DDL > privileges.
Erm, I have to disagree with this in general.. We don't all just build
web apps. On multi-user databases, this really isn't that uncommon.
I'm not saying it's an everyday kind of thing, but I don't think this
issue is something we can just ignore either.
Thanks,
Stephen
signature.asc
Description: Digital signature
