Re: "with grant option" for user groups. - Mailing list pgsql-hackers

From Peter Eisentraut
Subject Re: "with grant option" for user groups.
Date
Msg-id 200401091541.19984.peter_e@gmx.net
Whole thread Raw
In response to "with grant option" for user groups.  (Potuganti Ramu <ramup@aztec.soft.net>)
List pgsql-hackers
> Following statement says that "with grant option" is not allowed to a user
> group. I would like to know what the reasons behind not implementing
> this kind of feature.

Consider the following sequence of steps:

in database 1:
user A grants privilege to group B with grant option
user C who is in group B grants privilege to user D

in database 2:
superuser removes user C from group B

--> user D still has the privilege, because superuser doesn't have access to  
database 1 from his session

If you can live with this problem, then you can remove the check from the 
source code and it should work.



pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: Translations in the distributions
Next
From: Tom Lane
Date:
Subject: Re: Translations in the distributions