| From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
|---|---|
| To: | Rod Taylor <pg(at)rbt(dot)ca> |
| Cc: | "Eugene E(dot)" <sad(at)bankir(dot)ru>, pgsql-sql(at)postgresql(dot)org |
| Subject: | Re: Permission to Select |
| Date: | 2006-03-13 14:46:17 |
| Message-ID: | 20060313144617.GG8274@surnet.cl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Rod Taylor wrote:
> By allowing the user a where clause you grant them select privileges.
> You will find that delete works the same way.
>
> This is one of those times when per column permissions are useful. You
> could grant them select access on the "name" column but not the "salary"
> column.
If I understand clearly, the patch he posted modified things so that if
the user issued an UPDATE command, the SELECT permission was required as
well. Thus a user with UPDATE privileges but no SELECT was not allowed
to execute the UPDATE command.
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2006-03-13 14:57:39 | Re: Set generating functions and subqueries |
| Previous Message | Rod Taylor | 2006-03-13 14:33:12 | Re: Permission to Select |