Tom Lane wrote:
"Robert Haas" <[EMAIL PROTECTED]> writes:
IF this will be implemented as suggested here, it will become
extremely counter-intuitive.
You could solve this by having explicit positive and negative ACLs, i.e.
your permissions for a particular column are:

Uh, wait a moment, people.  The proposed project is to implement a
capability that is fully, 100% specified by the SQL standard.  There
is zero scope for API invention here.  You read the spec, you do
what it says.

I did read the spec. My suggestion still stands. Because this is a non-standard construct in the security world (which generally does && when combining attributes) the fact that revoking permissions on a column does nothing unless table exist deserves being documented.

I couldn't find the detail on the rest in the spec (what section is that in?) but I know Oracle allows inserts to happen if the columns without privilege are null or have a default value. Am I missing something obvious in the spec that describes this explicitly?

- August

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
      choose an index scan if your joining column's datatypes do not

Reply via email to