Skip site navigation (1) Skip section navigation (2)

Re: [HACKERS] Here it is - view permissions]

From: orion(dot)SAPserv(dot)Hamburg(dot)dsh(dot)de!wieck(at)sapserv(dot)debis(dot)de
To: scrappy(at)hub(dot)org (The Hermit Hacker)
Subject: Re: [HACKERS] Here it is - view permissions]
Date: 1998-02-23 14:12:41
Message-ID: m0y6ydG-000BFRC@orion.SAPserv.Hamburg.dsh.de (view raw or flat)
Thread:
Lists: pgsql-hackers
> 
> On Mon, 23 Feb 1998, Bruce Momjian wrote:
> 
> > > > Why does views default to 'select' permission for 'public'?
> > > > I think most people will never think of the possibility that others
> > > > will be able to SELECT their data through views.
> > > > Should not 'create view' at least print a NOTICE about this?
> > > 
> > > 	Considering how much security we are putting around everything
> > > else, is it unreasonably to have both 'create view'/'create table' default
> > > to 'revoke all' to public, and 'grant all' to owner?
> > 
> > Most commercial databases don't do this.
> 
> 	Well, just checked with Wayne (My Oracle Guru) and in Oracle,
> everything is private by default, and you open it up as required/desired
> to other ppl...

    Microsoft SQL server too defaults to private and requires
    explicit GRANT for public.


Jan

-- 

#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me.                                  #
#======================================== jwieck(at)debis(dot)com (Jan Wieck) #



In response to

pgsql-hackers by date

Next:From: The Hermit HackerDate: 1998-02-23 14:33:09
Subject: Re: [HACKERS] Here it is - view permissions
Previous:From: Vadim B. MikheevDate: 1998-02-23 14:04:55
Subject: Re: [HACKERS] Current 6.3 issues

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group