Re: Curious (mis)behavior of access rights

From: "Matthew T(dot) O'Connor" <matthew(at)zeut(dot)net>
To: <pgsql-hackers(at)postgresql(dot)org>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Subject: Re: Curious (mis)behavior of access rights
Date: 2001-06-04 23:16:21
Message-ID: 001b01c0ed4c$5e18e0c0$040a0a0a@ctlno.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

----- Original Message -----
From: "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
>
> The only downside of this is that we'd lose the "feature" of being able
> to revoke from a particular user a right that is available via PUBLIC to
> everyone else.

Could we add additional privlideges that explicitly restrict a user?
Perhaps negative permissions like -x -r etc... This would override group
and public permissions and could be set via revoke. What does the SQL Spec
say the behaviour should be when group and user permissions are in conflict?

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Bruce Momjian 2001-06-04 23:25:54 Re: Re: AW: [HACKERS] Re: Support for %TYPE in CREATE FUNCTION
Previous Message Tom Lane 2001-06-04 22:21:20 Curious (mis)behavior of access rights