Home > mailing lists

Re: Cascade view drop permission checks - Mailing list pgsql-general

From	Tom Lane
Subject	Re: Cascade view drop permission checks
Date	April 6, 2022 16:48:41
Msg-id	3035285.1649252921@sss.pgh.pa.us Whole thread Raw
In response to	Re: Cascade view drop permission checks ("David G. Johnston" <david.g.johnston@gmail.com>)
Responses	Re: Cascade view drop permission checks ("David G. Johnston" <david.g.johnston@gmail.com>)
List	pgsql-general

Tree view

"David G. Johnston" <david.g.johnston@gmail.com> writes:
> On Tuesday, April 5, 2022, m7onov@gmail.com <m7onov@gmail.com> wrote:
>> It seems strange to me that somebody who is not a member of owner role can
>> drop an object bypassing permission checks.
>> Is this behaviour OK?

> The system dropped the now defunct view, not alice.  Bob accepted that risk
> by basing the view on an object owned by another role.  I suppose other
> behaviors are possible but not really worth exploring.

(a) this behavior is what is required by the SQL standard.

(b) what other behavior would be better?  Dropping the table and
leaving a broken view behind isn't good.  Neither is refusing to
let the owner drop her object.

            regards, tom lane

pgsql-general by date:

From: "David G. Johnston"
Date: 06 April 2022, 15:16:01
Subject: Re: Cascade view drop permission checks

From: "David G. Johnston"
Date: 06 April 2022, 17:20:31
Subject: Re: Cascade view drop permission checks

Re: Cascade view drop permission checks - Mailing list pgsql-general

Previous

Next