Skip site navigation (1) Skip section navigation (2)

Re: [HACKERS] Here it is - view permissions]

From: Zeugswetter Andreas SARZ <Andreas(dot)Zeugswetter(at)telecom(dot)at>
To: "'pgsql-hackers(at)hub(dot)org'" <pgsql-hackers(at)hub(dot)org>
Subject: Re: [HACKERS] Here it is - view permissions]
Date: 1998-02-23 17:23:03
Message-ID: 219F68D65015D011A8E000006F8590C6010A51EF@sdexcsrv1.sd.spardat.at (view raw or flat)
Thread:
Lists: pgsql-hackers
>> > > Why does views default to 'select' permission for 'public'?
>> > > I think most people will never think of the possibility that others
>> > > will be able to SELECT their data through views.
>> > > Should not 'create view' at least print a NOTICE about this?
>> > 
>> > 	Considering how much security we are putting around everything
>> > else, is it unreasonably to have both 'create view'/'create table'
default
>> > to 'revoke all' to public, and 'grant all' to owner?
>> 
>> Most commercial databases don't do this.
>
>	Well, just checked with Wayne (My Oracle Guru) and in Oracle,
>everything is private by default, and you open it up as required/desired
>to other ppl...

Hate to say this, but ANSI says the default has to be no rigths for public.
Informix has a separate config parameter to enforce this. I use this
parameter. (NODEFDAC=yes)
I still think this is a non issue, since the paranoid under us (like myself
on sensitive data) will always
revoke all on <new table> from public; first thing after the create table
just to be sure.

Andreas

pgsql-hackers by date

Next:From: The Hermit HackerDate: 1998-02-23 17:43:41
Subject: Re: [HACKERS] Open 6.3 issues
Previous:From: Darren KingDate: 1998-02-23 17:14:47
Subject: Re: [HACKERS] Open 6.3 issues

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group