Re: [QUESTIONS] Trouble creating view\

Moved to pgsql-hackers@postgresql.org

On Mon, 16 Feb 1998, Bruce Momjian wrote:

Sure doesn't, but I think it is the same problem with pg_database. The
problem is that there is no permission control over tables finer than
insert/delete/update permissions. That is, if you say someone can add
and delete views by inserting/deleting in pg_rewrite, there is no way to
prevent him from deleting other people's views, at least as it is now
set up.

With pg_database, people used to be able to create databases, but not
delete them, that is, we gave them insert permission, but no delete
permission. But that meant people could create databases, but not
delete them. In 6.3, I enabled normal users with create database
permission to delete databases, but now they can delete anyone's
database, or at least the record in pg_database if they directly modify
pg_database rather than trying the 'drop database' command.

No way around that as the current system is configured, and I am not
sure how to fix this.

With pg_rewrite, the problem is harder because we don't have a 'is able
to create views' permission that we can give permission to certain
people.

Every database/table/view has an owner associated with them, no?
Can a check not be put in that checks the owner of the database/table/view
against who is trying to delete it, with pg_superuser having "override"
privileges? Obviously, the security level of the database itself comes
into play, but we have most (if not all?) of those in place and settable
by the administrator...

Marc G. Fournier
Systems Administrator @ hub.org
primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org