Re: leaky views, yet again
Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>
From: Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>
To: Greg Stark <gsstark@mit.edu>
Cc: Robert Haas <robertmhaas@gmail.com>, Tom Lane <tgl@sss.pgh.pa.us>, KaiGai Kohei <kaigai@kaigai.gr.jp>, KaiGai Kohei <kaigai@ak.jp.nec.com>, Itagaki Takahiro <itagaki.takahiro@gmail.com>, Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>, pgsql-hackers@postgresql.org
Date: 2010-10-05T18:20:52Z
Lists: pgsql-hackers
On 05.10.2010 21:08, Greg Stark wrote: > If the users that have select access on the view don't have DDL access > doesn't that make them leak-proof for those users? No. You can use built-in functions for leaking data as well. -- Heikki Linnakangas EnterpriseDB http://www.enterprisedb.com