* Zhaomo Yang (zmp...@gmail.com) wrote: > > Just a side-note, but your mail client doesn't seem to get the quoting > > quite right sometimes, which can be confusing. Not sure if there's > > anything you can do about it but wanted to let you know in case there > > is. > > Sorry about this. From now on I'll use the plain text mode for msgs I > send to the mailing list. > Please let me know if this happens also in this email.
Looks like this one has all of the quoting correct- thanks! > > Regarding this, specifically, we'd need to first decide on what the > > syntax/grammar should be. > > I'll think about it. Also, thanks for the pointers. Sure, no problem. > > Right, and we adressed the concerns with RETURNING. Regarding the > > non-RETURNING case, The same concerns about blind updates and deletes > > already exist with the GRANT permission system; it's not anything new. > > I think they are different. In the current GRANT permission system, > one can do blind updates but he > cannot refer to any existing values in either the expressions or the > condition if he doesn't have > SELECT privilege on the table (or the columns), thus the tricks like > divide-by-zero cannot be used and a malicious > user cannot get information out of blind updates. Ok, I see what you're getting at with that and I believe it'll be a pretty straight-forward change, thanks to Dean's recent rework. I'll take a look at making that happens. Thanks! Stephen
signature.asc
Description: Digital signature
