Excerpts from Etsuro Fujita's message of mié feb 22 05:37:36 -0300 2012:
> I did some tests. The results look good to me. Please find attached a
> logfile.
Thanks.
> My only concern on the patch is
>
> +static void
> +AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid
> newOwnerId)
> +{
> + Form_pg_foreign_server form;
>
> - srvId = HeapTupleGetOid(tup);
> form = (Form_pg_foreign_server) GETSTRUCT(tup);
>
> if (form->srvowner != newOwnerId)
> @@ -366,10 +388,15 @@ AlterForeignServerOwner(const char *name, Oid
> newOwnerId)
> /* Superusers can always do it */
> if (!superuser())
> {
>
> I wonder if superusers can always do it. For example, is it OK for
> superusers to change the ownership of a foreign server owned by old_role
> to new_role that doesn't have USAGE privilege on its foreign data wrapper.
Well, permission checking are just what they were before the patch. I
did not change them here. I didn't participate in the discussions that
led to the current behavior, but as far as I know the guiding principle
here is that superusers always can do whatever they please. Maybe what
you point out is a bug in the behavior (both before and after my patch),
but if so, please raise it separately.
--
Álvaro Herrera <alvherre@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
