Home > mailing lists

Re: [PATCHES] Users/Groups -> Roles - Mailing list pgsql-hackers

From	Bruno Wolff III
Subject	Re: [PATCHES] Users/Groups -> Roles
Date	June 28, 2005 19:52:59
Msg-id	20050628195207.GB12571@wolff.to Whole thread Raw
In response to	Re: [PATCHES] Users/Groups -> Roles (Stephen Frost <sfrost@snowman.net>)
Responses	Re: [PATCHES] Users/Groups -> Roles Re: [PATCHES] Users/Groups -> Roles
List	pgsql-hackers

Tree view

On Tue, Jun 28, 2005 at 14:45:06 -0400, Stephen Frost <sfrost@snowman.net> wrote:
> 
> If you are the owner of the object to be changed (following the normal
> owner checking rules) AND would still be considered the owner of the
> object *after* the change, then you can change the ownership.  

That still isn't a good idea, because the new owner may not have had
access to create the object you just gave to them. Or you may not have
had access to drop the object you just gave away. That is going to
be a security hole.

pgsql-hackers by date:

From: Peter Eisentraut
Date: 28 June 2005, 19:50:12
Subject: Re: Proposed TODO: --encoding option for pg_dump

From: Bruno Wolff III
Date: 28 June 2005, 20:01:58
Subject: Re: [PATCHES] Users/Groups -> Roles

Re: [PATCHES] Users/Groups -> Roles - Mailing list pgsql-hackers

Previous

Next