[Gnumed-devel] Re: for your perusal

[Syan Tan]

if I login as postgres user , and in psql  do  " create lang 'plpgsql'  ", it seems to work.

maybe the boostrap language  function should catch on first failure, and attempt the above.;



On Wed May 24 14:03 , Karsten Hilbert sent:

> On Tue, May 23, 2006 at 11:45:09PM +1000, syan tan wrote:
>
> >  I suppose it depends on whether you are going to allow 
> > inserts into clin_narrative  where importers specifically
> > specify a particular pg_user,
> No.
>
> > or make all imports always
> > the current user,
> Yes. SESSION_USER, that is, even in spite of SECURITY DEFINER.
>
> Using SECURITY DEFINER would entail allowing write access to
> the log tables to *any* user. Which sounds an awful lot like
> trouble.
>
> > in which case importers have to use
> > set session authorization,
> Or rather connect as those users.
>
> > unless you will allow another
> > field to specify an original author for importers, and keep 
> > modified_by for the particular user the importer is invoked
> > under.
> The latter. If you are hell-bent to get the original author
> into modified_by (which isn't really the truth in technical
> terms) you need to go all the way for the fake to work
> (create and connect as that user, that is).
>
> To my understanding this is necessary to make auditing worth
> it's while at all.
>
> Karsten
> -- 
> GPG key ID E4071346 @ wwwkeys.pgp.net
> E167 67FD A291 2BEA 73BD  4537 78B9 A9F9 E407 1346