"Tom Lane" <tgl@sss.pgh.pa.us> writes:
> 1. DefineIndex() treats an omitted tablespace clause differently from
> explicitly specifying the tablespace that is the database's default:
> if you explicitly specify the space then you must have permissions on
> it, otherwise you don't need any. (This is the same behavior as in
> DefineRelation incidentally.) Maybe this isn't such a hot idea, and
> we should treat the two cases interchangeably?
I always thought that was absolutely bizarre. Security should never depend on
*how* you refer to an object. You should either have access to the object or
not regardless of how you refer to it.
-- Gregory Stark EnterpriseDB http://www.enterprisedb.com Ask me about EnterpriseDB's Slony Replication
support!