| From: | Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | scrappy(at)hub(dot)org (The Hermit Hacker) |
| Cc: | kwitten(at)qdt(dot)com, hackers(at)postgreSQL(dot)org |
| Subject: | Re: [HACKERS] Postgres acl (fwd) |
| Date: | 1998-01-06 18:42:02 |
| Message-ID: | 199801061842.NAA01656@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
>
> On Tue, 6 Jan 1998, Bruce Momjian wrote:
>
> > Can someone who has permission to create databases be trusted not to
> > delete others? If we say no, how do we make sure they can change
> > pg_database rows on only databases that they own?
>
> deleting a database is accomplished using 'drop database', no?
> Can the code for that not be modified to see whether the person dropping
> the database is the person that owns it *or* pgsuperuser?
It already does the check, but issues an SQL from the C code to delete
from pg_database. I believe any user who can create a database can
issue the same SQL command from psql, bypassing the drop database
checks, no?
--
Bruce Momjian
maillist(at)candle(dot)pha(dot)pa(dot)us
| From | Date | Subject | |
|---|---|---|---|
| Next Message | The Hermit Hacker | 1998-01-06 18:47:17 | Re: [HACKERS] Postgres acl (fwd) |
| Previous Message | Peter T Mount | 1998-01-06 18:11:32 | Re: [HACKERS] I want to change libpq and libpgtcl for better handling of large query results |