From: | The Hermit Hacker <scrappy(at)hub(dot)org> |
---|---|
To: | Mattias Kregert <matti(at)algonet(dot)se> |
Cc: | Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us>, pgsql-hackers(at)postgreSQL(dot)org |
Subject: | Re: [HACKERS] Here it is - view permissions |
Date: | 1998-02-23 13:06:33 |
Message-ID: | Pine.NEB.3.95.980223080529.17896B-100000@hub.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Mon, 23 Feb 1998, Mattias Kregert wrote:
> Bruce Momjian wrote:
> >
> > OK, but why would anyone want the old behavior?
> >
> > I guess if you have a table that is not select-able by everyone, and you
> > create a view on it, the default permits will allow select to others.
> > You would have to set the permit on that view. Is there more to that
> > pg_class flag you want to add?
>
> Why does views default to 'select' permission for 'public'?
> I think most people will never think of the possibility that others
> will be able to SELECT their data through views.
> Should not 'create view' at least print a NOTICE about this?
Considering how much security we are putting around everything
else, is it unreasonably to have both 'create view'/'create table' default
to 'revoke all' to public, and 'grant all' to owner?
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 1998-02-23 13:07:26 | Re: [HACKERS] Here it is - view permissions |
Previous Message | Brett McCormick | 1998-02-23 13:00:34 | Re: pl/{perl,pgsql} (was Re: AW: [HACKERS] triggers, views and ru |