Re: pg_user permissions problem (Was: Re: [HACKERS] RE: New ecgp code problem.)

The Hermit Hacker writes:
>     What is the chance of (how hard would it be to?) having a hard
> coded view setup that overrides the permissions lock on pg_user?  At what
> point is the lock implemented, software level, or file system?

I wasn't able to read data from a DB that I created with the very same user.
But I was able to connect, insert data etc. Why was that possible?

>     All we would really need was:
>
>     create view all_users as select usename,usesysid from pg_user;
>
>     Which psql/odbc/ecgp/jdbc could call instead of what its doing
> now...

ecpg doesn't call anything like that. All I use is some PQ... functions. No
direct access to whatever user permission system we have. So does this have
to be changed in libpq?

Michael

--
Dr. Michael Meskes, Project-Manager    | topsystem Systemhaus GmbH
meskes@topsystem.de                    | Europark A2, Adenauerstr. 20
meskes@debian.org                      | 52146 Wuerselen
Go SF49ers! Go Rhein Fire!             | Tel: (+49) 2405/4670-44
Use Debian GNU/Linux!                  | Fax: (+49) 2405/4670-10