| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Derrick Rice <derrick(dot)rice(at)gmail(dot)com>, pgsql-docs(at)postgresql(dot)org |
| Subject: | Re: DROP TABLE can be issued by schema owner as well as table owner |
| Date: | 2011-10-13 14:06:56 |
| Message-ID: | 201110131406.p9DE6uC25539@momjian.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs |
Robert Haas wrote:
> On Fri, May 20, 2011 at 11:42 AM, Derrick Rice <derrick(dot)rice(at)gmail(dot)com> wrote:
> > According to
> >
> > http://www.postgresql.org/docs/9.0/interactive/sql-droptable.html
> >
> > "DROP TABLE removes tables from the database. Only its owner can drop a
> > table."
> >
> > In fact, the schema owner can drop the table, which is clearly stated here:
> >
> > http://www.postgresql.org/docs/9.0/interactive/sql-dropschema.html
> >
> > "A schema can only be dropped by its owner or a superuser. Note that the
> > owner can drop the schema (and thereby all contained objects) even if he
> > does not own some of the objects within the schema."
>
> The sentence really should be written a way that indicates that we're
> talking about who can execute this particular command, rather than who
> can manage to accomplish the removal of the object. I don't think
> it's practical to document the latter. We'd have to include:
>
> - the owner of the table
> - the superuser
> - the schema owner, since they could drop the entire schema
> - the database owner, since they could drop the entire database
> - the system administrator, since they could delete the entire data
> directory, or any part of it
> - the person with physical control of the machine, since they could
> remove and wipe the disk
> - any world leader with access to nuclear weapons, since they could...
> well, you get the idea
>
> Even if we excluded the last few, it would be quite wordy to
> recapitulate this for every object type. I suggest we steal the
> phraseology from "DROP FOREIGN DATA WRAPPER", which reads:
>
> To execute this command, the current user must be the owner of the
> foreign-data wrapper.
>
> The phrase "to execute this command" makes the scope of what follows
> clear: it's just who can run this command, NOT who might be able by
> indirect means to get rid of the object. To cover all bases, we could
> add ", or the superuser" to the end of the sentence.
I applied the following documentation patch to clarify this issue, and
used generic wording "user with the proper permissions".
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ It's impossible for everything to be true. +
| Attachment | Content-Type | Size |
|---|---|---|
| /rtmp/drop | text/x-diff | 863 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2011-10-13 16:17:41 | Re: Typo on dummy_seclabel page |
| Previous Message | Thom Brown | 2011-10-13 13:35:19 | Typo on dummy_seclabel page |