Nando Dessena wrote:

>H> Me too. I've been really struggling to understand why it would ever be
>H> necessary (or even rational) to defer authorisation until execution
>H> time.
>
>two things come to mind:
>
>1) to be able to cache prepared statements across different
>transactions/connections/users.
>
>

Reuse of a cached compiled statement requires that permissions be
validated during the prepare operation. Nothing needs to be deferred to
runtime.

>2) to implement row-level security.
>
>

That's a different question altogether.

>
>
>