I think it is right---the superuser can select from
the view, even if the view's owner tries to prevent that---,
but maybe a good way is checking owner's privilage when creating a view as
Oracle.
It would be better not to create a view if a user cann`t access a table.
regards, hx.li
"Tom Lane" <tgl@sss.pgh.pa.us> дÈëÏûÏ¢ÐÂÎÅ:6863.1257132736@sss.pgh.pa.us...
> "hx.li" <fly2nn@126.com> writes:
>> In postgresql's document£¬Part VI. Reference,SQL Commands,GRANT, it said:
>
>> It should be noted that database superusers can access all objects
>> regardless of object privilege settings.
>
> What that means in this example is that the superuser can select from
> the view, even if the view's owner tries to prevent that. However,
> the view itself doesn't have any more permissions than it had before.
> It would have failed for anyone, and it fails for the superuser too.
>
> I grow weary of debating this with you.
>
> regards, tom lane
>
> --
> Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-bugs
>
