Tom Lane wrote:
Martijn van Oosterhout <> writes:
The trigger never runs as the owner of the table AIUI, only ever as the
definer of the function or as session user.

Yeah.  This might itself be seen as a bug: I think you could make a
reasonable case that the default behavior ought to be to run as the
table owner (but still overridable if trigger function is SECURITY
DEFINER, of course).  In the current situation a table owner can use
a trigger function as a trojan horse against anyone modifying the

Is this true for on-select rules too? In that case, couldn't any
user run his code as postmaster by creating an appropriate on-select
rule and waiting until somebody/cron backups the database using pg_dump?

Or is pg_dump smart enough to skip dumping tables with on-select rules?

greetings, Florian Pflug

---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
      subscribe-nomail command to [EMAIL PROTECTED] so that your
      message can get through to the mailing list cleanly

Reply via email to