Re: Schema (namespace) privilege details

> I'm not real comfortable with this. The design I proposed is based
> fairly firmly on the Unix directory/file protection model --- which
> is assuredly not perfect, but it's survived a lot of use and is not
> known to have major flaws. You're suggesting that we should invent

Will we be able to accomplish the equivelent of the below?

knight# ls -la
total 3
drwxr-xr-x 2 rbt rbt 512 Apr 18 21:53 .
drwxr-xr-x 43 rbt rbt 2048 Apr 18 21:36 ..
-rwx------ 1 root wheel 0 Apr 18 21:53 file

knight# head /etc/group
# $FreeBSD: src/etc/group,v 1.19.2.1 2001/11/24 17:22:24 gshapiro Exp
$
#
wheel:*:0:root
daemon:*:1:daemon
kmem:*:2:root
sys:*:3:root
tty:*:4:root
operator:*:5:root
mail:*:6:
bin:*:7:

knight# exit
exit

bash-2.05a$ whoami
rbt

bash-2.05a$ rm file
override rwx------ root/wheel for file? y

bash-2.05a$ ls -la
total 3
drwxr-xr-x 2 rbt rbt 512 Apr 18 21:55 .
drwxr-xr-x 43 rbt rbt 2048 Apr 18 21:36 ..

> > I'd really like to see a schema owner have full control over all
> > objects in a schema, and likewise a database owner have full
control
> > over their database. My POV for large systems.

> Those things are both easily done: just don't allow anyone else to
> create objects in your schema (resp. database). This is indeed what

Yes, basically what we do now. I'm hoping to add the ability to
enable a group (ROLES) to have ownership of items as well as users
when I complete the other tasks I've set before myself.