Re: [HACKERS] Superowners
From | Simon Riggs |
---|---|
Subject | Re: [HACKERS] Superowners |
Date | |
Msg-id | CANP8+jLDFm_W0go0ROX+LuKkpYkxEaVzQKbbBxnK19BBvzgqVA@mail.gmail.com |
In reply to | Re: [HACKERS] Superowners (Tom Lane <tgl@sss.pgh.pa.us>) |
List | pgsql-hackers |

On 24 January 2017 at 13:19, Tom Lane <tgl@sss.pgh.pa.us> wrote:

> Simon Riggs <simon@2ndquadrant.com> writes:
>> So I was thinking about various annoying admin/security issues
>> recently, so I came up with this: a new type of user called a
>> “superowner”. It’s somewhere between a superuser and a normal user.
>> Superowner would own all objects defined by users, so it would do
>> useful things in contexts where superuser is not available.
>
> What about just saying that the database owner has those privileges?
> After all, the ultimate privilege of an owner is to drop the object
> (and then remake it as she pleases), and the DB owner has that option
> w.r.t. the whole database. So I'm not sure we need to invent a new
> concept.

Thinking about it, I've not seen dbowner != superuser in most cases,
so that works for me.

I guess I was expecting push back from people for backwards
compatibility, but it is 10.0

> With or without it being a separate property, there's a point I think
> you missed: this should only extend to objects owned by normal users,
> not by superusers. Otherwise there are all sorts of security issues.

Sure. That sounds like the right definition of what I was trying to specify.

--
Simon Riggs http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services