Hi Tom, Thanks for the response.
On Saturday, February 1, 2003, at 03:09 PM, Tom Lane wrote:
Matthew Horoschun <[EMAIL PROTECTED]> writes:My understanding is that I need to GRANT the UPDATE privilege on the SEQUENCE if I want a user to be able to to use nextval() on it. The trouble is, if they can do a nextval() they can also do a setval()So? With enough time on your hands, you can apply nextval() often enough to get from any point A to any point B. It seems illusory to think that forbidding setval() makes things more secure.
Absolutely, You're right. nextval() is just as troublesome.
I don't want to arbitrarily restrict access to setval(). I just want a safer way of handling automatic allocation of primary keys on certain tables.
Should I just avoid SEQUENCES altogether and use the OIDs under normal circumstances and the MAX( id ) + 1 style thing when I need a human-usable number?
Matthew.
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
