Re: GRANT & DROP - Mailing list pgsql-admin

From Tom Lane
Subject Re: GRANT & DROP
Msg-id 19570.978992573@sss.pgh.pa.us
In response to GRANT & DROP  ("Gavin M. Roy" <gmr@readysetnet.com>)
List pgsql-admin
"Gavin M. Roy" <gmr@readysetnet.com> writes:
> I am looking at the grant command and see it covers a lot of
> important things, but the one I am most interested in is DROP TABLE and I
> don't see it, nor ALTER.  Does DELETE cover DROP as well?

I believe DROP and ALTER rights are determined by ownership, nothing
else.  Ditto rights to do GRANT/REVOKE.  (The permissions capabilities
in Postgres badly need redesign, since they're nowhere close to what
the SQL spec calls for, but that's what we have at the moment.)

My two cents: any table that you want to be reasonably secure should be
owned by an "admin" sort of user that is not used for normal database
operations.  The admin user should grant appropriate permissions to the
userid(s) that are used for routine work.

It's probably good if the admin user is not the superuser, too.
The routine-work users had better not be superuser, else they will
bypass all the permissions checks anyway.

            regards, tom lane
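
The ownership split described in the message above, as an added example that is not part of the original post. It uses current PostgreSQL role syntax, and the names `app_owner`, `app_rw`, `app` and `orders` are hypothetical; the setup statements are assumed to be run once by a superuser.

```sql
-- Added example; all role, schema and table names are hypothetical.

-- Owning role: holds DROP/ALTER/GRANT rights through ownership only.
-- It cannot log in and is not a superuser.
CREATE ROLE app_owner NOLOGIN NOSUPERUSER;

-- Routine-work role: the account the application connects as.
-- Assign its password separately; it must not be a superuser.
CREATE ROLE app_rw LOGIN NOSUPERUSER;

-- Keep the objects in a schema that the owning role controls.
CREATE SCHEMA app AUTHORIZATION app_owner;

CREATE TABLE app.orders (
    id         bigint PRIMARY KEY,
    customer   text NOT NULL,
    created_at timestamptz NOT NULL DEFAULT now()
);
ALTER TABLE app.orders OWNER TO app_owner;

-- The routine-work role gets data access only. DELETE removes rows;
-- it does not confer DROP TABLE or ALTER TABLE, which stay with the owner.
GRANT USAGE ON SCHEMA app TO app_rw;
GRANT SELECT, INSERT, UPDATE, DELETE ON app.orders TO app_rw;

-- Check what the routine-work role actually holds on the table.
SELECT has_table_privilege('app_rw', 'app.orders', 'DELETE') AS can_delete,
       has_table_privilege('app_rw', 'app.orders', 'SELECT') AS can_select,
       (SELECT tableowner = 'app_rw'
          FROM pg_tables
         WHERE schemaname = 'app' AND tablename = 'orders') AS is_owner;

-- Audit: user tables whose owner is a superuser or a role that can log in.
-- Treating "can log in" as "used for routine work" is an assumption of
-- this example; adjust it to how accounts are provisioned locally.
SELECT t.schemaname, t.tablename, t.tableowner, r.rolsuper, r.rolcanlogin
  FROM pg_tables t
  JOIN pg_roles  r ON r.rolname = t.tableowner
 WHERE t.schemaname NOT IN ('pg_catalog', 'information_schema')
   AND (r.rolsuper OR r.rolcanlogin)
 ORDER BY t.schemaname, t.tablename;
```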
