I said:
> And I have not yet been able to think of a concrete case where the
> existing behavior (execute as calling user) is better.
Okay, I've thought of one: consider the situation where you want to
label each row in a table with the ID of the user who inserted it.
Right now, you can do
...,
who name default current_user,
...
or for greater security use a trigger to set the column value.
This will stop working if defaults and triggers run as the table
owner. (You could maybe use session_user instead, but it's not
clear that that's the right thing if the user is calling setuid
functions that do things on his behalf.)
However this is only one example; I still think Bruno's got a good
argument.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/users-lounge/docs/faq.html
