| From: | jwieck(at)debis(dot)com (Jan Wieck) |
|---|---|
| To: | pgsql-hackers(at)postgreSQL(dot)org (PostgreSQL HACKERS) |
| Subject: | Re: [HACKERS] Here it is - view permissions |
| Date: | 1998-02-23 13:27:12 |
| Message-ID: | m0y6xub-000BFRC@orion.SAPserv.Hamburg.dsh.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
>
> On Mon, 23 Feb 1998, Mattias Kregert wrote:
>
> > Bruce Momjian wrote:
> > >
> > > OK, but why would anyone want the old behavior?
> > >
> > > I guess if you have a table that is not select-able by everyone, and you
> > > create a view on it, the default permits will allow select to others.
> > > You would have to set the permit on that view. Is there more to that
> > > pg_class flag you want to add?
> >
> > Why does views default to 'select' permission for 'public'?
> > I think most people will never think of the possibility that others
> > will be able to SELECT their data through views.
> > Should not 'create view' at least print a NOTICE about this?
>
> Considering how much security we are putting around everything
> else, is it unreasonably to have both 'create view'/'create table' default
> to 'revoke all' to public, and 'grant all' to owner?
include/utils/acl.h line 65
set ACL_WORLD_DEFAULT to ACL_NO
Then tables and views default to what you wanted.
Jan
--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#======================================== jwieck(at)debis(dot)com (Jan Wieck) #
| From | Date | Subject | |
|---|---|---|---|
| Next Message | sferac | 1998-02-23 13:36:10 | Re: [HACKERS] Re: [BUGS] agregate function sum error |
| Previous Message | Bruce Momjian | 1998-02-23 13:15:17 | Re: [HACKERS] Here it is - view permissions] |