From: | "Wallingford, Ted" <twallingford(at)indexc(dot)com> |
---|---|
To: | "Wallingford, Ted" <twallingford(at)indexc(dot)com>, "'pgsql-admin(at)postgresql(dot)org'" <pgsql-admin(at)postgresql(dot)org> |
Cc: | pgsql-sql(at)postgresql(dot)org |
Subject: | create view security |
Date: | 2000-05-31 12:45:55 |
Message-ID: | 70866BD37E22D4119D8000600899F70D011CC3@INDEXAPP00 |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin pgsql-sql |
Hi All,
I am trying to enable my web site to create views in a database owned by a
user called ddirpts. Now, the web server runs as nobody, and nobody has a
user and database set up in Postgres.. But the problem is, whenever I have a
cgi program issue a create view query on the ddirpts database, the backend
reports Parse error at or near "". I can however issue create view commands
as ddirpts.
I was thinking this might be a security restriction, wherein no user can
create views/tables in another user's database without some kind of special
permission--problem is, how do I create the permission?
I am using 6.3 in this case.
_________________________________________________
Ted Wallingford
Manager of Information Technology
Independence Excavating, Inc.
Precision Environmental Co.
Independence Communications, Inc.
www.indexc.com
> -----Original Message-----
> From: Thomas Lockhart [mailto:lockhart(at)alumni(dot)caltech(dot)edu]
> Sent: Tuesday, May 30, 2000 10:04 PM
> To: Tom Lane
> Cc: Peter Eisentraut; Joseph Shraibman; pgsql-sql(at)postgresql(dot)org;
> pgsql-hackers(at)postgresql(dot)org
> Subject: Re: [HACKERS] Re: [SQL] aliases break my query
>
>
> > At one time Bruce had made some patches to emit informative notice
> > messages about implicit FROM entries, but that got turned off again
> > for reasons that I forget...
>
> It was triggered with common cases from the "outer join"
> syntax. It took
> a while to track down since it was introduced while I was
> working on the
> syntax feature :(
>
> If it *really* needs to be put back in, then we should do so
> with a flag
> so we can disable the warning at compile time, run time, and/or in the
> outer join parser area. But imho sprinkling the parser with
> warnings for
> allowed syntax is heading the wrong direction. If it is
> legal, allow it.
> If it is illegal, disallow it. If it is confusing for some, but works
> fine for others, it shouldn't become "sort of legal" with a warning.
>
> - Thomas
>
Attachment | Content-Type | Size |
---|---|---|
Wallingford, Ted.vcf | application/octet-stream | 137 bytes |
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2000-05-31 13:09:39 | Re: pgaccess use wrong password |
Previous Message | Norbert Meissner | 2000-05-31 11:37:45 | Re: table size limit under Linux |
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2000-05-31 15:53:25 | Re: Function-based index not used in a simple query |
Previous Message | Rostislav Opocensky | 2000-05-31 10:33:05 | Re: Function-based index not used in a simple query |