| From: | The Hermit Hacker <scrappy(at)hub(dot)org> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Mark Hollomon <mhh(at)nortelnetworks(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Proposal : changing table ownership |
| Date: | 2000-09-08 14:54:30 |
| Message-ID: | Pine.BSF.4.21.0009081153520.493-100000@thelab.hub.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, 8 Sep 2000, Tom Lane wrote:
> "Mark Hollomon" <mhh(at)nortelnetworks(dot)com> writes:
> > ALTER TABLE <table> OWNER TO <newowner>
>
> > The owner of a table will be able to change the owner to any other user.
>
> Doesn't this create risks parallel to file give-away (chown) in Unix?
> A lot of Unices disallow chown except to the superuser.
Agreed ...
> Tables aren't currently active objects, but we've been talking about
> things like making trigger functions run "setuid" to the table owner.
> If that happens then table ownership giveaway is a big security hole.
>
> > The superuser will NOT have special privileges.
>
> Say *what* ? That's just silly.
*Only* superuser should be able to run the above command ...
| From | Date | Subject | |
|---|---|---|---|
| Next Message | The Hermit Hacker | 2000-09-08 14:58:54 | Re: [7.0.2] node type 17 not supported ... |
| Previous Message | Ross J. Reedstrom | 2000-09-08 14:53:12 | Re: [7.0.2] node type 17 not supported ... |