Home > mailing lists

Re: Schema grants for creating and dropping objects - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Schema grants for creating and dropping objects
Date	October 9, 2011 12:59:24
Msg-id	3969.1318175939@sss.pgh.pa.us Whole thread Raw
In response to	Schema grants for creating and dropping objects (Marc Munro <marc@bloodnok.com>)
Responses	Re: Schema grants for creating and dropping objects
List	pgsql-hackers

Tree view

Marc Munro <marc@bloodnok.com> writes:
> It seems that in order to create an object in a given schema, I must
> have been granted create privilege on the schema.  But in order to drop
> that object I require usage privilege.  

> This means that with the right privilege settings I can create objects
> that I cannot subsequently drop, or can drop an object that I cannot
> recreate.

Yeah.  So?  You can get similar effects with read-only or write-only
directories in Unix filesystems.  Don't see why you find this surprising.
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 09 October 2011, 12:57:07
Subject: Re: libpq, PQdescribePrepared -> PQftype, PQfmod, no PQnullable

From: Heikki Linnakangas
Date: 09 October 2011, 13:01:23
Subject: Re: REVIEW: Optimizing box_penalty

Re: Schema grants for creating and dropping objects - Mailing list pgsql-hackers

Previous

Next