Home > mailing lists

Roles as objects in Postgres's security system - Mailing list pgsql-admin

From	sftf
Subject	Roles as objects in Postgres's security system
Date	July 2, 2008 09:30:56
Msg-id	1898029110.20080702163044@mail.ru Whole thread Raw
Responses	Re: Roles as objects in Postgres's security system (Alvaro Herrera <alvherre@commandprompt.com>)
List	pgsql-admin

Tree view

Hi!
My English is bad, so in short - why Postgres (and surprisingly other's, like Oracle) lacks something like this:

1. What roles who can create or delete (insteed solid CREATEROLE privilege)
GRANT { { CREATE | DROP }
    [,...] | ALL [ PRIVILEGES ] }
    ON { {ROLE rolename [, ...]} | ANY ROLE}
    TO { rolename } [, ...] [ WITH ADMIN OPTION ]

2. What in what roles who can alter
GRANT ALTER { LOGIN | PASSWORD | INHERIT | RENAME | VALID | SET | и т.д. }
    ON ROLE rolename [, ...]
    TO { rolename } [, ...] [ WITH ADMIN OPTION ]

3. What roles who can grant to whom
GRANT GRANT {ANY | rolename [, ...]} }
    ON ROLE rolename [, ...]
    TO { rolename } [, ...] [ WITH GRANT OPTION ]

Any Help Will Be appreciated!

pgsql-admin by date:

From: kevin kempter
Date: 02 July 2008, 02:20:38
Subject: strange drop errors

From: Karen Stone
Date: 02 July 2008, 13:31:37
Subject: Re: Change a character in a text field

Roles as objects in Postgres's security system - Mailing list pgsql-admin

Previous

Next