Home > mailing lists

Re: [HACKERS] Here it is - view permissions - Mailing list pgsql-hackers

From	The Hermit Hacker
Subject	Re: [HACKERS] Here it is - view permissions
Date	February 23, 1998 11:06:33
Msg-id	Pine.NEB.3.95.980223080529.17896B-100000@hub.org Whole thread Raw
In response to	Re: [HACKERS] Here it is - view permissions (Mattias Kregert <matti@algonet.se>)
Responses	Re: [HACKERS] Here it is - view permissions] (Bruce Momjian <maillist@candle.pha.pa.us>) Re: [HACKERS] Here it is - view permissions (jwieck@debis.com (Jan Wieck))
List	pgsql-hackers

Tree view

On Mon, 23 Feb 1998, Mattias Kregert wrote:

> Bruce Momjian wrote:
> >
> > OK, but why would anyone want the old behavior?
> >
> > I guess if you have a table that is not select-able by everyone, and you
> > create a view on it, the default permits will allow select to others.
> > You would have to set the permit on that view.  Is there more to that
> > pg_class flag you want to add?
>
> Why does views default to 'select' permission for 'public'?
> I think most people will never think of the possibility that others
> will be able to SELECT their data through views.
> Should not 'create view' at least print a NOTICE about this?

    Considering how much security we are putting around everything
else, is it unreasonably to have both 'create view'/'create table' default
to 'revoke all' to public, and 'grant all' to owner?

pgsql-hackers by date:

From: Brett McCormick
Date: 23 February 1998, 11:00:49
Subject: Re: pl/{perl,pgsql} (was Re: AW: [HACKERS] triggers, views and ru

From: Bruce Momjian
Date: 23 February 1998, 11:07:51
Subject: Re: [HACKERS] Here it is - view permissions

Re: [HACKERS] Here it is - view permissions - Mailing list pgsql-hackers

Previous

Next