Skip site navigation (1) Skip section navigation (2)

Re: Re: grant privileges to a database

From: "Dan Wilson" <phpPgAdmin(at)acucore(dot)com>
To: "Martin A(dot) Marques" <martin(at)math(dot)unl(dot)edu(dot)ar>, "Michael Fork" <mfork(at)toledolink(dot)com>
Cc: <pgsql-hackers(at)postgresql(dot)org>, <pgsql-general(at)postgresql(dot)org>
Subject: Re: Re: grant privileges to a database
Date: 2001-01-31 22:39:46
Message-ID: 000701c08bd6$b6dea280$543987cf@corp.peoplesoft.com (view raw or flat)
Thread:
Lists: pgsql-generalpgsql-hackers
: El Mié 31 Ene 2001 18:32, Dan Wilson escribió:
: > You can do this in phpPgAdmin... it's a hack because it just pulls in
all
: > the objects/relations and runs a single grant statement on them, but it
: > works.  It puts together a query like the following:
: >
: > GRANT ALL ON table1, table2, table3, view1, view2, sequence1, sequence2
TO
: > user
: >
: > Which I suppose you can do manually if you don't have phpPgAdmin
installed.
: >
: > It ain't the prettiest, but it works!
:
: The problem is that this is not what I'm looking for. I want the user to
be
: able to create new tables, views, sequences, etc on that database.

Oh, if you want to do that, then you don't have to do any granting of
priviledges.  It seems that Postgres allows any user to create a table on a
database.  Even if the user is not the owner of the database.  AFAIK, there
are no acl's associated with the database.

I've posed this question before and have not received any response, but is
this an undocumented feature or a sercurity bug?  Personally, I don't think
anyone should be able to create relations on a database they do not own.

-Dan


In response to

Responses

pgsql-hackers by date

Next:From: Steve ShafferDate: 2001-01-31 22:58:06
Subject: ODBC Problem v7.1 beta4
Previous:From: Martin A. MarquesDate: 2001-01-31 22:18:12
Subject: Re: Re: grant privileges to a database

pgsql-general by date

Next:From: Hiroshi InoueDate: 2001-01-31 23:14:54
Subject: Re: Creating indeces on existing tables...
Previous:From: Martin A. MarquesDate: 2001-01-31 22:18:12
Subject: Re: Re: grant privileges to a database

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group