On 2/22/17 2:51 AM, Pavel Stehule wrote:
The solution based on rights is elegant, but in this moment I cannot to
see all possible impacts on performance - because it means new check for
any call of any function. Maybe checking call stack can be good enough -
I have not idea how often use case it it.

I think the simple solution to that is not to use proacl for this purpose but to add an oidvector to pg_proc that is a list of allowed callers. If the vector is kept sorted then it's a simple binary search.

BTW, I agree that this feature would be useful, as would PRIVATE, but they're two separate features.
Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX
Experts in Analytics, Data Architecture and PostgreSQL
Data in Trouble? Get it in Treble! http://BlueTreble.com
855-TREBLE2 (855-873-2532)

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to