Re: BUG #1497: Default permissions allow any user to create objects
| От | Bruce Momjian |
|---|---|
| Тема | Re: BUG #1497: Default permissions allow any user to create objects |
| Дата | |
| Msg-id | 200502250234.j1P2YX924473@candle.pha.pa.us обсуждение исходный текст |
| Список | pgsql-bugs |
Barry Brown wrote: > >> The docs say that initially only the owner of a database may use the > >> objects > >> created in it. But I have found that ANY user can work with any > >> object by > >> default, even in the template1 database. > > > > Uh, where did you see that in the docs? > > First paragraph of section 17.4 (Privileges): > > "When a database object is created, it is assigned an owner. .... By > default, only an owner (or a superuser) can do anything with the > object. In order to allow other users to use it, privileges must be > granted." > > To me, that paragraphs says that only the owner of a database can do > anything with it and all other privileges must be explicitly granted to > others. Yea, that is confusing. When they say "database object", the don't mean database, but object created in the database, like a table or view. I modified the text to not mention "database": When an object is created, it is assigned an owner. The -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
В списке pgsql-bugs по дате отправления: