| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [PATCHES] Users/Groups -> Roles |
| Date: | 2005-06-28 19:52:07 |
| Message-ID: | 20050628195207.GB12571@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
On Tue, Jun 28, 2005 at 14:45:06 -0400,
Stephen Frost <sfrost(at)snowman(dot)net> wrote:
>
> If you are the owner of the object to be changed (following the normal
> owner checking rules) AND would still be considered the owner of the
> object *after* the change, then you can change the ownership.
That still isn't a good idea, because the new owner may not have had
access to create the object you just gave to them. Or you may not have
had access to drop the object you just gave away. That is going to
be a security hole.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nick Johnson | 2005-06-28 19:55:23 | Re: ENUM like data type |
| Previous Message | Stephen Frost | 2005-06-28 19:39:27 | Re: [PATCHES] Users/Groups -> Roles |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruno Wolff III | 2005-06-28 20:01:42 | Re: [PATCHES] Users/Groups -> Roles |
| Previous Message | Stephen Frost | 2005-06-28 19:39:27 | Re: [PATCHES] Users/Groups -> Roles |