On Thu, 2002-10-31 at 10:33, Bruno Wolff III wrote:
> On Thu, Oct 31, 2002 at 10:17:26 -0500,
>   Rod Taylor <[EMAIL PROTECTED]> wrote:
> > Can't necessarily run them as the table owner, as it may give
> > information to other users with the ability to ALTER that table.
> You have to be the table owner to alter a table. So it should be OK
> to have the default expressions and check constraints run as the owner.

Yes, default expressions and check constraints could possibly.  However,
both revoke complex expressions (no sub-selects, etc) so there is little

Functions can already suid if you are using them in check constraints
for complex lookups.

An ASSERTION may be appropriate for suid, as would REFERENCES -- but
only when explicitly asked for, and those should run as the constraint
owner NOT as the table owner.

  Rod Taylor

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?


Reply via email to