| From: | "Harris, Richard" <Richard_Harris(at)adp(dot)com> |
|---|---|
| To: | <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Permissions not removed when group dropped |
| Date: | 2005-05-13 20:43:54 |
| Message-ID: | E2F600719FA6FF438A680A22A00DA43C05F7AA2C@EXCHANGEDS01.ds.ad.adp.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin pgsql-hackers |
Hi,
I'm using PostgreSQL 8.0. I created a group called grpA and granted grpA
'SELECT' permission on view viewA. When I dropped grpA and created group
grpB, group grpB 'automatically' has SELECT permission to viewA. After
dropping a group with permission to a view, I see that the permission
stored in the relacl field fo pg_class is changed from the group name to
the sysid of the dropped group. When a new group is created, it gets a
sysid that is one greater than the largest of the sysid (e.g., the sysid
of the last group dropped). Thus the new group may 'inherit' the
permissions of a dropped group.
I have not found this behavior documented any where. Is this behavior
intended? What do I need to do so that when I drop a group all the
permissions of the group are also 'dropped' (i.e., cleared from the
relacl field)?
Thanks for you help.
Rich Harris
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2005-05-13 21:35:05 | Re: Permissions not removed when group dropped |
| Previous Message | Lee Wu | 2005-05-13 20:32:00 | /tmp/.s.PGSQL.5432 |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2005-05-13 21:35:05 | Re: Permissions not removed when group dropped |
| Previous Message | Jim C. Nasby | 2005-05-13 18:59:01 | Re: Views, views, views: Summary of Arguments |