Quick Links

Re: TODO item: set proper permissions on non-system schemas

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	andrew(at)supernews(dot)com
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: TODO item: set proper permissions on non-system schemas
Date:	2005-09-01 15:01:03
Message-ID:	12841.1125586863@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Andrew - Supernews <andrew+nonews(at)supernews(dot)com> writes:
> On 2005-09-01, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> There is some merit in the thought that the DB owner should be able to
>> grant and revoke access on the public schema, but that no longer
>> requires ownership, only membership in an appropriate role.

> How would that work without superuser intervention, given that the
> ownership of public would be the same in all databases regardless of
> who created them?

Change the ownership of public in template1 to be a "dbadmin" group.
Grant membership in "dbadmin" to all the DB owners. End of problem.

regards, tom lane

In response to

Re: TODO item: set proper permissions on non-system schemas at 2005-09-01 13:29:17 from Andrew - Supernews

Responses

Re: TODO item: set proper permissions on non-system schemas at 2005-09-01 15:34:56 from Andrew - Supernews
Re: TODO item: set proper permissions on non-system schemas at 2005-09-01 17:03:33 from Andrew Dunstan

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	David Fetter	2005-09-01 15:03:00	Re: broken configure, broken makefile?
Previous Message	Alvaro Herrera	2005-09-01 14:58:19	Re: broken configure, broken makefile?