> Tom Lane wrote:
> >Hmm. This seems wrong; if the function was created by the superuser
> >then it should have proowner set to the superuser, and pg_dump looks
> >like it does the right thing about reconnecting as the function owner
> >(assuming you used -z, which is now default but wasn't in 6.4.2...).
>
> Ah... looking back, I see that I did not use -z.
>
> Using -z, it works OK.
-z is now default in 6.5.
>
> >I wonder whether we need a notion of "effective" and "real" user ID,
> >such as most Unix systems have. Then it'd be possible for the system
> >to know "I may be creating objects on behalf of user X, but I really
> >am the superuser" and apply protection checks appropriately. This'd
> >be a much more elegant solution than \connect for pg_dump scripts,
> >since the whole script would run in a single superuser session and just
> >do a SET VARIABLE or something to indicate which user would be the owner
> >of created objects.
>
> I definitely agree with that. It's also needed in order to restrict
> password manipulation of other users' passwords to the superuser alone.
>
> --
> Vote against SPAM: http://www.politik-digital.de/spam/
> ========================================
> Oliver Elphick Oliver.Elphick@lfix.co.uk
> Isle of Wight http://www.lfix.co.uk/oliver
> PGP key from public servers; key ID 32B8FAA1
> ========================================
> "Fear not, for I am with thee; be not dismayed,
> for I am thy God. I will strengthen thee and I will
> help thee; yea, I will uphold thee with the right hand
> of my righteousness." Isaiah 41:10
>
>
>
>
-- Bruce Momjian | http://www.op.net/~candle maillist@candle.pha.pa.us | (610)
853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill,
Pennsylvania19026