The problem is that the more complex you make things, the easier it is to make a mistake. That's why I like our simpler model unless there is a glaring problem with it.
--------------------------------------------------------------------------- Bruno Wolff III wrote: > On Fri, Nov 01, 2002 at 21:35:40 -0500, > Bruce Momjian <[EMAIL PROTECTED]> wrote: > > > > I think we open up more security problems by having the inserter doing > > things as the owner of the table. > > With triggers it is a bit hard to decide. Since people other than the > table owner can create them, but then they effectively belong to the > table owner. I think that makes having them execute as the table > owner reasonable. The table owner is taking his chances by letting > other people create triggers on his table. > > For constraints and default expressions I don't see any problems for > having them execute as the table owner. This provides a small advantage > in providing limited update ability for sequences, that would otherwise > require creating a function to achieve. > > As long as people realize that when they insert, update or delete from > a table owned by someone else they need to trust that person it probably > isn't a big deal. The descriptions of triggers hint at this but from > a different perspective (that of a table owner letting people create > triggers on his table) and people might not make the connection (assuming > they even read about triggers). > > ---------------------------(end of broadcast)--------------------------- > TIP 3: if posting/reading through Usenet, please send an appropriate > subscribe-nomail command to [EMAIL PROTECTED] so that your > message can get through to the mailing list cleanly > -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
