* Robert Haas (robertmh...@gmail.com) wrote: > Well, I think that's an acceptable approach from the point of view of > fixing the security exposure, but it's far from ideal. Good error > messages are important for usability. I can live with this as a > short-term fix, but in the long run I strongly believe we should try > to do better.
It certainly wouldn't be hard to add the same check around the WITH OPTION case that's around my proposed solution for the other issues- just check for SELECT rights on the underlying table. Another question is if we could/should limit this to the UPDATE case. With the INSERT case, any columns not provided by the user would be filled out by defaults, which can likely be seen in the catalog, or the functions in the catalog for the defaults or for any triggers might be able to be run by the user executing the INSERT anyway to see what would have been used in the resulting row. I'm not completely convinced there's no risk there though.. Thoughts? Thanks, Stephen
Description: Digital signature