On Mon, 23 Feb 1998, Jan Wieck wrote:
> > On Mon, 23 Feb 1998, Mattias Kregert wrote:
> > > Bruce Momjian wrote:
> > > >
> > > > OK, but why would anyone want the old behavior?
> > > >
> > > > I guess if you have a table that is not select-able by everyone, and you
> > > > create a view on it, the default permits will allow select to others.
> > > > You would have to set the permit on that view. Is there more to that
> > > > pg_class flag you want to add?
> > >
> > > Why does views default to 'select' permission for 'public'?
> > > I think most people will never think of the possibility that others
> > > will be able to SELECT their data through views.
> > > Should not 'create view' at least print a NOTICE about this?
> > Considering how much security we are putting around everything
> > else, is it unreasonably to have both 'create view'/'create table' default
> > to 'revoke all' to public, and 'grant all' to owner?
> include/utils/acl.h line 65
> set ACL_WORLD_DEFAULT to ACL_NO
> Then tables and views default to what you wanted.
Have you actually tried this? :) Does it break anything?
In response to
pgsql-hackers by date
|Next:||From: Thomas G. Lockhart||Date: 1998-02-23 14:37:44|
|Subject: Re: [HACKERS] Running pgindent|
|Previous:||From: orion.SAPserv.Hamburg.dsh.de!wieck||Date: 1998-02-23 14:12:41|
|Subject: Re: [HACKERS] Here it is - view permissions]|