| From: | Fred Habash <fmhabash(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Allowing John to Drop Triggers On Chad's Tables |
| Date: | 2021-03-16 16:12:00 |
| Message-ID: | CADpeV5xT=MB6BdGhxsvYrdVTQ3DfNhV31g6-Uz-4fhib6-nyLA@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Thank you all for taking the time to respond. As always, great community
support.
On Mon, Mar 15, 2021 at 5:10 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Fred Habash <fmhabash(at)gmail(dot)com> writes:
> > Based on my research, There are the options I have identified to allow
> user
> > 'John' to drop a trigger on a table owner by 'Chad' ..
>
> I guess the big-picture question is why do you think you need that?
>
> The separate TRIGGER permission is something we consider obsolescent.
> It's difficult to make use of it in any way that isn't tantamount to
> giving John the ability to execute arbitrary code as Chad (the next
> time Chad does anything with his table). So while a case could be
> made that granting TRIGGER should include the right to alter or drop
> existing triggers, it's unlikely that anyone will want to expend effort
> in that direction.
>
> regards, tom lane
>
--
----------------------------------------
Thank you
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Geoghegan | 2021-03-16 16:44:08 | Re: Postgres crashes at memcopy() after upgrade to PG 13. |
| Previous Message | Tom Lane | 2021-03-16 15:44:18 | Re: WAL-files is not removing authomaticaly |