Re: grants
| От | Kris Jurka |
|---|---|
| Тема | Re: grants |
| Дата | |
| Msg-id | Pine.BSO.4.56.0403110108440.101@leary.csoft.net обсуждение исходный текст |
| Ответ на | Re: grants (Andreas Pflug <pgadmin@pse-consulting.de>) |
| Список | pgsql-hackers |
On Wed, 10 Mar 2004, Andreas Pflug wrote:
> Kris Jurka wrote:
>
> >On Wed, 10 Mar 2004, Andreas Pflug wrote:
> >
> >The problem that cannot be solved with either this or a function that
> >loops and grants on each table is that it is not a permanent grant of what
> >the admin had in mind. If a new table is added or an existing table is
> >dropped and recreated, the grants must be done again. The real use of a
> >SELECT ANY TABLE permission is ignorance of schema updates.
> >
> >
> Hm, does this exist in other DBMS?
> As soon as roles are implemented, there might be a default role
> ('public') for this. Until then, using groups solves most of the
> problems (well, you certainly still need to GRANT rights to your
> preferred group).
>
Groups help, but only if you want to GRANT to more than one user, and you
still need to do it on after schema changes. I know this is implemented
in at least Oracle, SELECT ANY TABLE is in fact the permission
name used.
Kris Jurka
В списке pgsql-hackers по дате отправления: