| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: ExecutorCheckPerms() hook |
| Date: | 2010-07-22 01:08:23 |
| Message-ID: | AANLkTimF2Kbd6P+kgPFFgfVpOrOJCFrJNpU6_ytdFysD@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Jul 21, 2010 at 9:02 PM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> * Robert Haas (robertmhaas(at)gmail(dot)com) wrote:
>> I think the relevant case might be where ymj owns fk_tbl but not
>> pk_tbl, and has REFERENCES but not SELECT on pk_tbl.
>>
>> Come to think of it, I wonder if REFERENCES on fk_tbl ought to be
>> sufficient to create a foreign key. Currently, it requires ownership:
>>
>> rhaas=> ALTER TABLE fk_tbl ADD FOREIGN KEY (x) REFERENCES pk_tbl (a);
>> ERROR: must be owner of relation fk_tbl
>
> Errr, no. If I grant you REFERENCES on my table, it means you can
> create a FK to it from some other table.
Well, in that case, we should fix the fine documentation:
To create a foreign key constraint, it is
necessary to have this privilege on both the referencing and
referenced columns. The privilege may be granted for all columns
of a table, or just specific columns.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise Postgres Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2010-07-22 01:15:07 | Re: ExecutorCheckPerms() hook |
| Previous Message | Stephen Frost | 2010-07-22 01:04:41 | Re: ExecutorCheckPerms() hook |