Re: OWNER TO on all objects - Mailing list pgsql-hackers

From Tom Lane
Subject Re: OWNER TO on all objects
Date
Msg-id 22717.1087401598@sss.pgh.pa.us
In response to Re: OWNER TO on all objects  (Christopher Kings-Lynne <chriskl@familyhealth.com.au>)
Responses Re: OWNER TO on all objects  (Christopher Kings-Lynne <chriskl@familyhealth.com.au>)
List pgsql-hackers
Christopher Kings-Lynne <chriskl@familyhealth.com.au> writes:
>> No, you don't.  That allows non-superusers to give away object
>> ownership, which is well-established as a security hole; Unix
>> filesystems stopped doing it years ago.

> I worded that badly.  I meant "allow a user to change the owner of 
> something to what it already is".  i.e. just make the no-op allowed by
> everyone.  session_auth already does this.

Ah.  Okay, no objection to that.  (In fact I believe we put in the
special case for session_auth for exactly the same reason.)
        regards, tom lane

