| From: | "Daniel Verite" <daniel(at)manitou-mail(dot)org> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Do we want SYNONYMS? |
| Date: | 2010-12-07 12:18:32 |
| Message-ID: | 1084b3db-00c0-4d37-beec-9097e420b84b@mm |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Tom Lane wrote:
> Taken at face value from a Postgres perspective, these statements seem
> to imply that different ownership and permissions apply to a synonym
> than to its referenced object; which seems like a completely horrid idea
> from a security standpoint. But maybe they are only trying to say that
> a synonym hides which *schema* the referenced object is in, and that is
> tantamount to hiding the owner if you have the mindset that owner ==
> schema. Can anyone elucidate on just what is behind those statements?
From
http://download.oracle.com/docs/cd/B28359_01/network.111/b28531/authorization
.htm#i1009141
[quote]
A schema object and its synonym are equivalent with respect to privileges.
That is, the object privileges granted on a table, view, sequence, procedure,
function, or package apply whether referencing the base object by name or by
using a synonym.
[/quote]
...
[quote]
If you grant object privileges on a table, view, sequence, procedure,
function, or package by referring to the object through a synonym for the
object, then the effect is the same as if no synonym were used.
[/quote]
Best regards,
--
Daniel
PostgreSQL-powered mail user agent and storage: http://www.manitou-mail.org
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dmitriy Igrishin | 2010-12-07 12:54:24 | Re: Do we want SYNONYMS? |
| Previous Message | kobi.biton | 2010-12-07 11:58:46 | Re: if-clause to an exiting statement |