From: | "Rod Taylor" <rbt(at)zort(dot)ca> |
---|---|
To: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | "Joe Conway" <mail(at)joeconway(dot)com>, <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Schema (namespace) privilege details |
Date: | 2002-04-19 02:02:23 |
Message-ID: | 03e601c1e746$3fb7ed70$8001a8c0@jester |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> I'm not real comfortable with this. The design I proposed is based
> fairly firmly on the Unix directory/file protection model --- which
> is assuredly not perfect, but it's survived a lot of use and is not
> known to have major flaws. You're suggesting that we should invent
Will we be able to accomplish the equivelent of the below?
knight# ls -la
total 3
drwxr-xr-x 2 rbt rbt 512 Apr 18 21:53 .
drwxr-xr-x 43 rbt rbt 2048 Apr 18 21:36 ..
-rwx------ 1 root wheel 0 Apr 18 21:53 file
knight# head /etc/group
# $FreeBSD: src/etc/group,v 1.19.2.1 2001/11/24 17:22:24 gshapiro Exp
$
#
wheel:*:0:root
daemon:*:1:daemon
kmem:*:2:root
sys:*:3:root
tty:*:4:root
operator:*:5:root
mail:*:6:
bin:*:7:
knight# exit
exit
bash-2.05a$ whoami
rbt
bash-2.05a$ rm file
override rwx------ root/wheel for file? y
bash-2.05a$ ls -la
total 3
drwxr-xr-x 2 rbt rbt 512 Apr 18 21:55 .
drwxr-xr-x 43 rbt rbt 2048 Apr 18 21:36 ..
> > I'd really like to see a schema owner have full control over all
> > objects in a schema, and likewise a database owner have full
control
> > over their database. My POV for large systems.
> Those things are both easily done: just don't allow anyone else to
> create objects in your schema (resp. database). This is indeed what
Yes, basically what we do now. I'm hoping to add the ability to
enable a group (ROLES) to have ownership of items as well as users
when I complete the other tasks I've set before myself.
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2002-04-19 02:02:45 | Odd(?) RI-trigger behavior |
Previous Message | Oliver Elphick | 2002-04-19 01:49:12 | Re: Schema (namespace) privilege details |