| From: | Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | lockhart(at)alumni(dot)caltech(dot)edu (Thomas G(dot) Lockhart) |
| Cc: | darrenk(at)insightdist(dot)com, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [HACKERS] Postgres acl (fwd) |
| Date: | 1998-01-07 02:23:13 |
| Message-ID: | 199801070223.VAA08318@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> >
> > IMHO, the system tables should _never_ be directly modifiable by anyone
> > other than the superuser/dba. The rest of the population should have to
> > use a command of some sort that can be grant/revoked by said superuser/dba.
>
> Are there any maintenance operations which require a "delete from pg_xxx"? If
> not, then we could just modify the parser (or the executor?) to check the table
> name and not allow insert/delete from any table whose name starts with "pg_". Had
> to ask, although I'm sure this is too easy to actually work :)
Interesting thought. Wonder if it would work?
--
Bruce Momjian
maillist(at)candle(dot)pha(dot)pa(dot)us
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 1998-01-07 02:27:44 | Re: [HACKERS] Postgres acl (fwd) |
| Previous Message | Bruce Momjian | 1998-01-07 02:20:31 | [COMMITTERS] 'pgsql/src/interfaces/odbc/src/socket compat.h connect.h connectp.cpp errclass.cpp errclass.h sockio.cpp sockio.h wO (fwd) |