Participants
gsdfg gdfg
gsdfg gdfg
Tom Lane
Tom Lane
Andrew Dunstan
Andrew Dunstan
Attachments

No attachments in this thread

Thread Outline
#1gsdfg gdfggsdfg gdfg
Dec 21, 2010
#2Tom LaneTom Laneto gsdfg gdfg (#1)
Dec 21, 2010
#3Andrew DunstanAndrew Dunstanto gsdfg gdfg (#1)
Dec 21, 2010

Owner inheritance

Started by gsdfg gdfgabout 15 years ago3 messages
#1gsdfg gdfg
gsdfg gdfg
mx.morin@gmail.com

Would be great if owner can be inherited from parent object (owner table ==>
schema owner ==> database owner).
CREATE statement could add OWNER TO PARENT to cover this feature.

Michel

#2Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: gsdfg gdfg (#1)
Re: Owner inheritance

gsdfg gdfg <mx.morin@gmail.com> writes:

Would be great if owner can be inherited from parent object (owner table ==>
schema owner ==> database owner).
CREATE statement could add OWNER TO PARENT to cover this feature.

What it would be is a great security hole --- exactly analogous to
allowing Unix "chown" to non-superusers. Read up on the security
pitfalls of being able to give away ownership of an object.

regards, tom lane

#3Andrew Dunstan
Andrew Dunstan
andrew@dunslane.net
In reply to: gsdfg gdfg (#1)
Re: Owner inheritance

On 12/21/2010 07:04 AM, gsdfg gdfg wrote:

Would be great if owner can be inherited from parent object (owner
table ==> schema owner ==> database owner).
CREATE statement could add OWNER TO PARENT to cover this feature.

That syntax would violate POLA in the case of inherited tables (OWNER TO
CONTAINER, or just OWNER TO SCHEMA etc might be clearer). And I think
we'd have to restrict it to superusers anyway, which would seriously
limit its usefulness.

cheers

andrew

← Back to Topics