On Wed, Nov 29, 2017 at 4:56 AM, Stephen Frost <sfr...@snowman.net> wrote:
> > Just to make it clear, I continue to agree with (3) and agree with Tom > that we shouldn't be behaving differently depending on who is calling > the view. I also would vote for 3. That looks consistent with the way we handle accesses based on owner of a view generally (without foreign tables involved). > > The "global rethink" being contemplated seems to be more about > authentication forwarding than it is about this specific change. If > there's some 'global rethink' which is actually applicable to this > specific deviation from the usual "use the view's owner for privilege > checks", then it's unclear to me what that is. Global rethink may constitute other authentication methods like certificate based authentication. But I am not clear about global rethink in the context of owner privileges problem being discussed here. -- Best Wishes, Ashutosh Bapat EnterpriseDB Corporation The Postgres Database Company