| From: | "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com> |
|---|---|
| To: | "Andrew Dunstan" <andrew(at)dunslane(dot)net>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
| Cc: | "Greg Sabino Mullane" <greg(at)turnstep(dot)com>, <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Including PL/PgSQL by default |
| Date: | 2008-02-21 18:51:33 |
| Message-ID: | 1A6E6D554222284AB25ABE3229A9276271560A@nrtexcus702.int.asurion.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
>
> Joshua D. Drake wrote:
> >
> > Notice that user foo is not a super user. Now I log into
> > PostgreSQL and connect to the postgres database (the super users
> > database) as the non privileged user "foo". The user "foo" in theory
> > has *zero* rights here accept that he can connect.
> >
> >
> >
>
> That's not true. The public schema has public UC privs, and always has
> had.
>
Is it safe to remove UC privs on the public schema? Having rights to
"connect" should mean connect, not connect and create.
Jon
Jon
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gregory Stark | 2008-02-21 18:51:50 | Re: VARATT_EXTERNAL_GET_POINTER is not quite there yet |
| Previous Message | Joshua D. Drake | 2008-02-21 18:46:14 | Re: Including PL/PgSQL by default |