Re: bug in permission handling?
| От | Martin Renters |
|---|---|
| Тема | Re: bug in permission handling? |
| Дата | |
| Msg-id | 20020114111248.A11077@aspen.datafax.com обсуждение исходный текст |
| Ответ на | Re: bug in permission handling? (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
On Mon, Jan 14, 2002 at 10:29:01AM -0500, Tom Lane wrote: > Martin Renters <martin@datafax.com> writes: > > Should the permissions of a deleted user get assigned to a new user > > as in the example below? > > That can happen, since the default "usesysid" assignment is "max > existing usesysid + 1". If you delete the last user then their sysid > becomes a candidate for reassignment. This is not real good, but fixing > it isn't that high on the priority list (and is difficult to do unless > we take away the option of hand-assigned sysids ... otherwise we could > just have a sequence generator for sysids). Isn't it possible for PostgreSQL to delete permissions on tables when a user gets deleted? It seems to be a bit of a security issue when a new user suddenly inherits permissions he shouldn't have. Martin
В списке pgsql-hackers по дате отправления: