* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> Stephen Frost <sfrost@snowman.net> writes:
> > * Bruno Wolff III (bruno@wolff.to) wrote:
> >> Creating objects in particular schemas or databases is not something that
> >> all roles may be able to do.
>
> > Yeah, I'm not entirely sure what I think about this issue.
>
> We have a precedent, which is that RENAME checks for create rights.
Ah, ok. Precedent is good.
> If you want to lean on the argument that this is just a shortcut for
> dropping the object and then recreating it somewhere else, then you
> need (a) the right to drop the object --- which is inherent in being
> the old owner, and (b) the right to create the new object, which means
> that (b1) you can become the role you wish to have owning the object,
> and (b2) *as that role* you would have the rights needed to create the
> object.
>
> Stephen's original analysis covers (a) and (b1) but not (b2). With (b2)
> I'd agree that it's just a useful shortcut.
Right. Ok, I'll develop a patch which covers (a), (b1) and (b2). I'll
also go through all of the superuser() calls in src/backend/commands/
and check for other places we may need *_ownercheck calls.
I expect to have the patch done either tonight or tommorow.
Thanks,
Stephen
