| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | andrew(at)supernews(dot)com |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: TODO item: set proper permissions on non-system schemas |
| Date: | 2005-09-01 13:09:47 |
| Message-ID: | 12004.1125580187@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Andrew - Supernews <andrew+nonews(at)supernews(dot)com> writes:
> On 2005-09-01, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> There's considerable feeling that that TODO item is bogus anyway.
> The issue that I've seen is that currently, allowing non-superusers to
> create databases in a useful manner requires all sorts of hoop-jumping
> to allow the database owner to end up owning the "public" schema.
The part of this that hasn't been justified to my satisfaction is *why*
the database owner should own the public schema. He doesn't get to own,
say, the integer plus operator.
There is some merit in the thought that the DB owner should be able to
grant and revoke access on the public schema, but that no longer
requires ownership, only membership in an appropriate role.
> (Another wart that could do with looking into is that such a non-superuser
> database owner can't prevent xid wrap in his database regardless of how
> often he vacuums it.)
The DB owner shouldn't really be responsible for vacuuming anyway.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2005-09-01 13:15:05 | Re: broken configure, broken makefile? |
| Previous Message | Tom Lane | 2005-09-01 12:50:27 | Re: On hardcoded type aliases and typmod for user types |