| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Gavin M(dot) Roy" <gmr(at)readysetnet(dot)com> |
| Cc: | pgsql list <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: GRANT & DROP |
| Date: | 2001-01-08 22:22:53 |
| Message-ID: | 19570.978992573@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
"Gavin M. Roy" <gmr(at)readysetnet(dot)com> writes:
> I am looking at the grant command and see it covers alot of
> important things, but the one I am most interested is DROP TABLE and I
> don't see it, nor ALTER. Does DELETE cover DROP as well?
I believe DROP and ALTER rights are determined by ownership, nothing
else. Ditto rights to do GRANT/REVOKE. (The permissions capabilities
in Postgres badly need redesign, since they're nowhere close to what
the SQL spec calls for, but that's what we have at the moment.)
My two cents: any table that you want to be reasonably secure should be
owned by an "admin" sort of user that is not used for normal database
operations. The admin user should grant appropriate permissions to the
userid(s) that are used for routine work.
It's probably good if the admin user is not the superuser, too.
The routine-work users had better not be superuser, else they will
bypass all the permissions checks anyway.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Anthony E . Greene | 2001-01-08 23:20:33 | Re: GRANT & DROP |
| Previous Message | Gavin M. Roy | 2001-01-08 20:09:12 | GRANT & DROP |