I think it is right---the superuser can select from
the view, even if the view's owner tries to prevent that---,
but maybe a good way is checking owner's privilage when creating a view as
It would be better not to create a view if a user cann`t access a table.
"Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> :6863(dot)1257132736(at)sss(dot)pgh(dot)pa(dot)us(dot)(dot)(dot)
> "hx.li" <fly2nn(at)126(dot)com> writes:
>> In postgresql's documentPart VI. Reference,SQL Commands,GRANT, it said:
>> It should be noted that database superusers can access all objects
>> regardless of object privilege settings.
> What that means in this example is that the superuser can select from
> the view, even if the view's owner tries to prevent that. However,
> the view itself doesn't have any more permissions than it had before.
> It would have failed for anyone, and it fails for the superuser too.
> I grow weary of debating this with you.
> regards, tom lane
> Sent via pgsql-bugs mailing list (pgsql-bugs(at)postgresql(dot)org)
> To make changes to your subscription:
In response to
pgsql-bugs by date
|Next:||From: donniehan||Date: 2009-11-02 06:53:42|
|Subject: Re: BUG #5147: DBA can not access view|
|Previous:||From: Tom Lane||Date: 2009-11-02 03:32:16|
|Subject: Re: BUG #5147: DBA can not access view |