| From: | Achilleas Mantzios <achill(at)matrix(dot)gatewaynet(dot)com> |
|---|---|
| To: | pgsql-admin(at)lists(dot)postgresql(dot)org |
| Subject: | Re: permission denied (even when run as postgres) for views after making their owner nosuperuser |
| Date: | 2018-01-26 14:59:46 |
| Message-ID: | 3b4e1884-e2df-0152-e258-8adb984a2252@matrix.gatewaynet.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On 26/01/2018 16:42, David G. Johnston wrote:
> On Fri, Jan 26, 2018 at 7:32 AM, Achilleas Mantzios <achill(at)matrix(dot)gatewaynet(dot)com <mailto:achill(at)matrix(dot)gatewaynet(dot)com>>wrote:
>
> In fact, there is no way on earth I can regain access to view fuser.testforfu for any user (postgres included) unless I change its ownership (or make fuser a superuser).
>
> is this normal? documented? Am I missing anything?
>
>
> When dealing with views the owner of the view is performing all of the queries. So if you make the view owner lack permission to access the underlying tables the view isn't going to work no matter
> the permissions of the view caller.
Thanks a lot!
>
> Documented here:
>
> https://www.postgresql.org/docs/10/static/sql-createview.html
>
> "Access to tables referenced in the view is determined by permissions of the view owner."
>
> David J.
>
>
--
Achilleas Mantzios
IT DEV Lead
IT DEPT
Dynacom Tankers Mgmt
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2018-01-28 13:58:38 | Re: [ADMIN] start/restart PostgreSQL service with SSL enabled |
| Previous Message | David G. Johnston | 2018-01-26 14:42:14 | Re: permission denied (even when run as postgres) for views after making their owner nosuperuser |