Skip site navigation (1) Skip section navigation (2)

Re: [PATCHES] Users/Groups -> Roles

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Bruno Wolff III <bruno(at)wolff(dot)to>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>,pgsql-hackers(at)postgresql(dot)org
Subject: Re: [PATCHES] Users/Groups -> Roles
Date: 2005-06-28 20:37:54
Message-ID: 20050628203754.GQ24207@ns.snowman.net (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-patches
* Bruno Wolff III (bruno(at)wolff(dot)to) wrote:
> Thinking about it some more, drops wouldn't be an issue since the owner
> can always drop objects.

Right.

> Creating objects in particular schemas or databases is not something that
> all roles may be able to do.

Yeah, I'm not entirely sure what I think about this issue.  If you're
not allowed to change ownership of objects and SET ROLE drops your
regular ROLE's privileges then the role which owns the object originally
(and which you're required to be in) must have had create access to that
schema at some point.

I can see requiring the role that's changing the ownership to have
create access to the schema in which the object that's being changed is
in.

	Thanks,

		Stephen

In response to

Responses

pgsql-hackers by date

Next:From: Magnus HaganderDate: 2005-06-28 20:43:17
Subject: Re: [HACKERS] Proposed TODO: --encoding option for pg_dump
Previous:From: Alvaro HerreraDate: 2005-06-28 20:33:16
Subject: Re: [HACKERS] Proposed TODO: --encoding option for pg_dump

pgsql-patches by date

Next:From: Magnus HaganderDate: 2005-06-28 20:43:17
Subject: Re: [HACKERS] Proposed TODO: --encoding option for pg_dump
Previous:From: Alvaro HerreraDate: 2005-06-28 20:33:16
Subject: Re: [HACKERS] Proposed TODO: --encoding option for pg_dump

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group