Re: Proposal : changing table ownership

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Mark Hollomon" <mhh(at)nortelnetworks(dot)com>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Proposal : changing table ownership
Date: 2000-09-08 14:43:56
Message-ID: 24937.968424236@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

"Mark Hollomon" <mhh(at)nortelnetworks(dot)com> writes:
> ALTER TABLE <table> OWNER TO <newowner>

> The owner of a table will be able to change the owner to any other user.

Doesn't this create risks parallel to file give-away (chown) in Unix?
A lot of Unices disallow chown except to the superuser.

Tables aren't currently active objects, but we've been talking about
things like making trigger functions run "setuid" to the table owner.
If that happens then table ownership giveaway is a big security hole.

> The superuser will NOT have special privileges.

Say *what* ? That's just silly.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Ross J. Reedstrom 2000-09-08 14:53:12 Re: [7.0.2] node type 17 not supported ...
Previous Message Mark Hollomon 2000-09-08 13:26:12 Proposal : changing table ownership