Home > mailing lists

Re: TODO item: set proper permissions on non-system schemas - Mailing list pgsql-hackers

From	Andrew - Supernews
Subject	Re: TODO item: set proper permissions on non-system schemas
Date	September 1, 2005 15:35:26
Msg-id	slrndhe7t0.1vfu.andrew+nonews@trinity.supernews.net Whole thread Raw
In response to	TODO item: set proper permissions on non-system schemas (Jaime Casanova <systemguards@gmail.com>)
Responses	Re: TODO item: set proper permissions on non-system schemas
List	pgsql-hackers

Tree view

On 2005-09-01, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Andrew - Supernews <andrew+nonews@supernews.com> writes:
>> On 2005-09-01, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>>> There is some merit in the thought that the DB owner should be able to
>>> grant and revoke access on the public schema, but that no longer
>>> requires ownership, only membership in an appropriate role.
>
>> How would that work without superuser intervention, given that the
>> ownership of public would be the same in all databases regardless of
>> who created them?
>
> Change the ownership of public in template1 to be a "dbadmin" group.
> Grant membership in "dbadmin" to all the DB owners.  End of problem.

Only if all db owners are equivalent.

-- 
Andrew, Supernews
http://www.supernews.com - individual and corporate NNTP services

pgsql-hackers by date:

From: Tom Lane
Date: 01 September 2005, 15:21:17
Subject: Re: 8.1beta, Subtle bug in COPY in Solaris systems

From: Tom Lane
Date: 01 September 2005, 15:45:19
Subject: Re: Remove xmin and cmin from frozen tuples

Re: TODO item: set proper permissions on non-system schemas - Mailing list pgsql-hackers

Previous

Next