| From: | Matthew <matt(at)ctlno(dot)com> |
|---|---|
| To: | "'Bruce Momjian'" <pgman(at)candle(dot)pha(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgreSQL(dot)org> |
| Subject: | RE: User administration tool |
| Date: | 2001-03-30 04:56:19 |
| Message-ID: | 183FA749499ED311B6550000F87E206C1FD0A5@srv.ctlno.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> I have started coding a user/group administration tool that allows you
> to add/modify/delete users and groups. I should have something working
> in a week. I will look similar to my pgmonitor tool.
>
semi related to this, I have always thought that the way postgresql
handles the deletion of users and groups to be flawed. If I create a user,
grant permissions on a table and then drop the user, permissions now exist
on that table for a user that does not exist. I see this as a possible
security flaw since a new user can then be created with the user id of the
ID user and have all the permissions that might have ever been assigned to
that old user. When a user is deleted, shouldn't all permissions associated
with that user be deleted also, I would think this could be handled with a
PK/ FK cascading delete type setup.
my 2¢
Matt O'Connor
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2001-03-30 04:58:25 | Re: Re: Call for platforms |
| Previous Message | Hiroshi Inoue | 2001-03-30 04:16:16 | Re: [HACKERS] Re: possible row locking bug in 7.0.3 & 7.1 |