A security problem (newbie) - Mailing list pgsql-general

From Paulo da Silva
Subject A security problem (newbie)
Date
Msg-id 36DC2F6A.B1B40FE5@esoterica.pt
Whole thread Raw
List pgsql-general
Hello,

I need to grant access to some records of ts table to
user psergio.

I created 2 views. psergio should be allowed to use select
only on one of them. But I removed access to the whole table.
So, although I grant access to va, it is denied because the
ts table is not acessible!

How can I turn around this?

TIA
--
Paulo (pdasilva@esoterica.pt)CREATE TABLE ts (
    dep        text,
    descr        text
);

INSERT INTO ts VALUES ('A','aaaaaa');
INSERT INTO ts VALUES ('B','bbbbbb');
INSERT INTO ts VALUES ('B','xxxxxx');
INSERT INTO ts VALUES ('A','yyyyyy');

create view va as select * from ts where dep='A';
create view vb as select * from ts where dep='B';

revoke all on ts from psergio;
revoke all on va from psergio;
revoke all on vb from psergio;

grant select on va to psergio;

select * from va;
-- Denied because ts is not acessible!!!

select * from vb;

drop table ts;
drop view va;
drop view vb;

pgsql-general by date:

Previous
From: "Luiz Lins"
Date:
Subject: Converting SQL.Server Stored Procedures..
Next
From: "Gene Selkov Jr."
Date:
Subject: Re: [SQL] FW: indexing functions