| From: | "Anthony E (dot) Greene" <agreene(at)pobox(dot)com> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: GRANT & DROP |
| Date: | 2001-01-08 23:20:33 |
| Message-ID: | 20010108182033.E19618@cp5340 |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Mon, 08 Jan 2001 15:09:12 Gavin M. Roy wrote:
>I recently suffered the pains of not having good security on a database
>when a developer dropped a production transaction payment table. Thus
>now I am paying attention to what I should have before which is database
>security. I am looking at the grant command and see it covers alot of
>important things, but the one I am most interested is DROP TABLE and I
>don't see it, nor ALTER. Does DELETE cover DROP as well? Anyone have
>experience here?
On my Linux system, "man l drop" displays the man page for the DROP command,
with references to specific variants of the command.
I don't know if the latest versions are different but in 6.5.3 anyone can
drop a table, even if they don't have any permissions on the rows in that
table.
Tony
--
Anthony E. Greene <agreene(at)pobox(dot)com> <http://www.pobox.com/~agreene/>
PGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
Chat: AOL/Yahoo: TonyG05 ICQ: 91183266
Linux. The choice of a GNU Generation. <http://www.linux.org/>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | vijayendra mohan agrawal | 2001-01-09 11:43:39 | Connect Failed error |
| Previous Message | Tom Lane | 2001-01-08 22:22:53 | Re: GRANT & DROP |