On 03/29/2017 06:36 AM, Tom Lane wrote:
Karsten Hilbert <Karsten.Hilbert@xxxxxxx> writes:
Being able to create foreign keys may allow to indirectly
discover whether certain values exists in a table which I
don't otherwise have access to (by means of failure or
success to create a judiciously crafted FK).
Aside from that, an FK can easily be used to cause effective
denial-of-service, for example preventing rows from being deleted
within a table, or adding enormous overhead to such a deletion.
Thank you both for taking a look! I agree those are both worthwhile
concerns. It still seems a little strange it is not just part of the
CREATE permission (for example). I understand why not everyone can
create a foreign key, I just have trouble imagining a use case where it
is helpful to separate it from other DDL commands. Anyway, I didn't
write the article to nitpick details like that, but sometimes by asking
"why" you learn new things. I really appreciate your offering your thoughts!
Paul
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
