Home > mailing lists

Re: [PATCHES] Users/Groups -> Roles - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: [PATCHES] Users/Groups -> Roles
Date	June 28, 2005 20:37:50
Msg-id	20050628203754.GQ24207@ns.snowman.net Whole thread Raw
In response to	Re: [PATCHES] Users/Groups -> Roles (Bruno Wolff III <bruno@wolff.to>)
Responses	Re: [PATCHES] Users/Groups -> Roles Re: [PATCHES] Users/Groups -> Roles
List	pgsql-hackers

Tree view

* Bruno Wolff III (bruno@wolff.to) wrote:
> Thinking about it some more, drops wouldn't be an issue since the owner
> can always drop objects.

Right.

> Creating objects in particular schemas or databases is not something that
> all roles may be able to do.

Yeah, I'm not entirely sure what I think about this issue.  If you're
not allowed to change ownership of objects and SET ROLE drops your
regular ROLE's privileges then the role which owns the object originally
(and which you're required to be in) must have had create access to that
schema at some point.

I can see requiring the role that's changing the ownership to have
create access to the schema in which the object that's being changed is
in.
Thanks,
    Stephen

pgsql-hackers by date:

From: Alvaro Herrera
Date: 28 June 2005, 20:33:39
Subject: Re: [PATCHES] Proposed TODO: --encoding option for pg_dump

From: "Magnus Hagander"
Date: 28 June 2005, 20:43:29
Subject: Re: [PATCHES] Proposed TODO: --encoding option for pg_dump

Re: [PATCHES] Users/Groups -> Roles - Mailing list pgsql-hackers

Previous

Next