Irrevocable privileges

From: "Dave Held" <dave(dot)held(at)arraysg(dot)com>
To: <pgsql-admin(at)postgresql(dot)org>
Subject: Irrevocable privileges
Date: 2005-05-10 22:40:11
Message-ID: 49E94D0CFCD4DB43AFBA928DDD20C8F902618506@asg002.asg.local
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

I think it's silly that any privileges that an owner grants to himself are
essentially irrevocable. It's silly because it makes changing the object
owner pointless. Consider:

User joe creates table foo
User joe grants permission rw to himself on foo
User joe decides that user bob should really be the owner of foo
User joe revokes his permissions, alters foo to be owned by bob,
and gives bob rw privilege
User joe is annoyed to find out that his privileges are in a state of limbo

The only way to fix this is to do a backup/restore. It seems to me
that owner privs should be revokable in a transaction where the owner
is changed to a different user. That way, joe doesn't leave behind a
trail of mess when he decides to change ownership of objects.

__
David B. Held
Software Engineer/Array Services Group
200 14th Ave. East, Sartell, MN 56377
320.534.3637 320.253.7800 800.752.8129

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Tom Lane 2005-05-10 23:10:33 Re: Irrevocable privileges
Previous Message DHS Club Webmaster 2005-05-10 19:39:39 Re: Many idle processes?