Rod Taylor writes:
> The solution? Information_Schema coupled with no direct access to
> pg_catalog. Internals can use pg_catalog, possibly super users, but
> regular users shouldn't be able to do any reads / writes to it
> directly -- as per spec with definition_schema.
The catch on this is that privileges on views don't work quite perfectly
yet. For instance, if you create a view
CREATE VIEW bar AS SELECT * FROM foo;
then the statement
SELECT * FROM bar;
needs privileges to read "foo". The privileges would need to be changed
to be checked at view creation time.
--
Peter Eisentraut [EMAIL PROTECTED]
---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
