Re: [HACKERS] Problem when reloading data from older version

Tom Lane wrote: >Hmm.  This seems wrong; if the function was created by the superuser >then it should have proowner set
tothe superuser, and pg_dump looks >like it does the right thing about reconnecting as the function owner >(assuming
youused -z, which is now default but wasn't in 6.4.2...). 
 
Ah... looking back, I see that I did not use -z.

Using -z, it works OK.
 >I wonder whether we need a notion of "effective" and "real" user ID, >such as most Unix systems have.  Then it'd be
possiblefor the system >to know "I may be creating objects on behalf of user X, but I really >am the superuser" and
applyprotection checks appropriately.  This'd >be a much more elegant solution than \connect for pg_dump scripts,
>sincethe whole script would run in a single superuser session and just >do a SET VARIABLE or something to indicate
whichuser would be the owner >of created objects.
 
I definitely agree with that.  It's also needed in order to restrict
password manipulation of other users' passwords to the superuser alone.

--      Vote against SPAM: http://www.politik-digital.de/spam/                ========================================
Oliver Elphick                                Oliver.Elphick@lfix.co.uk
Isle of Wight                              http://www.lfix.co.uk/oliver              PGP key from public servers; key
ID32B8FAA1                ========================================    "Fear not, for I am with thee; be not dismayed,
  for I am thy God. I will strengthen thee and I will      help thee; yea, I will uphold thee with the right hand
ofmy righteousness."         Isaiah 41:10