Home > mailing lists

Re: "with grant option" for user groups. - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: "with grant option" for user groups.
Date	January 9, 2004 15:25:32
Msg-id	200401091541.19984.peter_e@gmx.net Whole thread Raw
In response to	"with grant option" for user groups. (Potuganti Ramu <ramup@aztec.soft.net>)
List	pgsql-hackers

Tree view

> Following statement says that "with grant option" is not allowed to a user
> group. I would like to know what the reasons behind not implementing
> this kind of feature.

Consider the following sequence of steps:

in database 1:
user A grants privilege to group B with grant option
user C who is in group B grants privilege to user D

in database 2:
superuser removes user C from group B

--> user D still has the privilege, because superuser doesn't have access to  
database 1 from his session

If you can live with this problem, then you can remove the check from the 
source code and it should work.

pgsql-hackers by date:

From: Tom Lane
Date: 09 January 2004, 15:00:10
Subject: Re: Translations in the distributions

From: Tom Lane
Date: 09 January 2004, 15:25:42
Subject: Re: Translations in the distributions

Re: "with grant option" for user groups. - Mailing list pgsql-hackers

Previous

Next