Re: grant with hierarchy option

On fre, 2009-10-30 at 00:49 -0400, Tom Lane wrote:
> Peter Eisentraut <peter_e@gmx.net> writes:
> > There is a gap in the permission scheme for inheritance setups.  Say you
> > have this:
> 
> > CREATE TABLE persons (...);
> > CREATE TABLE employees (...) INHERITS (persons);
> 
> > GRANT SELECT ON persons TO foo;
> 
> > Then user foo can extract who the employees are using
> 
> > SELECT * FROM persons EXCEPT SELECT * FROM ONLY persons;
> 
> And this is a problem why exactly?  It's entirely likely that
> employee-ness can be determined just from what is visible in
> the persons view, anyway.  Not to mention tableoid.

Yeah, tableoid is a deal-breaker.  But perhaps using ONLY should at
least require SELECT privilege, because it effectively allows you to
select a subset of the table's rows.