Re: [7.4] "permissions problem" with pl/pgsql function

From: Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>
To: "Marc G(dot) Fournier" <scrappy(at)hub(dot)org>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: [7.4] "permissions problem" with pl/pgsql function
Date: 2004-01-20 00:22:56
Message-ID: 400C74E0.4050205@familyhealth.com.au
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers


> 420_test=> select
> dropgeometrycolumn('420_test','lroadline61','roads61_geom');
> ERROR: permission denied for relation pg_attribute
> CONTEXT: PL/pgSQL function "dropgeometrycolumn" line 19 at execute statement
>
> the database was created as:
>
> CREATE DATABASE <db> WITH OWNER = <owner>
>
> and I'm connected to the database as the owner ... shouldn't the "system
> tables" also be owned by the owner?

No, you have to have the usecatupd field set to true in your pg_shadow
row to be able to modify the catalogs. This is automatically assigned
to a superuser, not the database owner. (Otherwise it's trivial to munt
someone else's database by deleting from pg_database or pg_shadow...)

Chris

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Josh Berkus 2004-01-20 00:37:01 Re: VACUUM delay (was Re: What's planned for 7.5?)
Previous Message Thomas Hallgren 2004-01-20 00:20:51 Re: SPI_prepare and error recovery