On Thu, 9 Mar 2000, Bruce Momjian wrote:
> > What do you think?
>
> ... CENSORED :-) ... I will add it to the TODO.

Aleluya (sp. ?) !!!
At least you plan to do something, then I'm finally happy.

When you correct this, and I hope it will be soon, please don't forget
to correct the other big (IMHO) problem with ACLs I've posted in this
list:

When you drop a user, its permissions are not dropped. They must be
dropped manually BEFORE you drop the user. It's a problem because if you
forget to do it, then:
when, after having dropped a user who had permissions (which were not
dropped), you create a new user, then the same userid is reused, so the
new user inherits all permissions the previous user had. Of course you can
do a \z on all databases to see that, but it's more probable it will be,
at least partially, unnoticed by the PostgreSQL superuser.

IMHO the userid should be set either randomly, or with a sequence, but the
same userid should not be reused in a long long time, unless permissions
are dropped with the user.

I admit that the exact same problem exists with *nix userids, which root
can reuse whenever he wants, however that's not a good reason to keep
PostgreSQL behaving this way, so PostgreSQL should either:

drop every and all user permissions automatically when this user is
dropped.
or
never reuse a userid.

The latter seems more difficult to do because you allow mapping *nix
userids to PostgreSQL userids.

bye,
Jerome
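
The failure mode described in this message, and the two proposed fixes, as a small model. This is an added example, not part of the original message and not PostgreSQL code; the Catalog class, the names alice, bob and payroll, the starting id 100 and the lowest-free-id allocation policy are all assumptions made for illustration.

```python
class Catalog:
    """Minimal model: ACL entries are keyed by numeric userid, not by name."""

    def __init__(self, revoke_on_drop=False, reuse_ids=True):
        self.users = {}   # user name -> userid
        self.acl = {}     # table name -> {userid: set of privileges}
        self.revoke_on_drop = revoke_on_drop
        self.reuse_ids = reuse_ids
        self.next_id = 100  # constructed starting value

    def create_user(self, name):
        if self.reuse_ids:
            # Assumption: the lowest free id is handed out again.
            uid = 100
            while uid in self.users.values():
                uid += 1
        else:
            # Sequence-style allocation: an id is never handed out twice.
            uid = self.next_id
            self.next_id += 1
        self.users[name] = uid
        return uid

    def drop_user(self, name):
        uid = self.users.pop(name)
        if self.revoke_on_drop:
            # Fix 1: remove every ACL entry that belongs to the dropped user.
            for grants in self.acl.values():
                grants.pop(uid, None)

    def grant(self, table, name, priv):
        uid = self.users[name]
        self.acl.setdefault(table, {}).setdefault(uid, set()).add(priv)

    def privileges(self, table, name):
        return set(self.acl.get(table, {}).get(self.users[name], set()))

    def orphaned_acl_entries(self):
        """Audit check: ACL entries whose userid belongs to no current user."""
        live = set(self.users.values())
        return sorted((t, u) for t, g in self.acl.items() for u in g if u not in live)

def scenario(**options):
    """Grant to alice, drop her, audit, then create bob and read his rights."""
    cat = Catalog(**options)
    cat.create_user("alice")
    cat.grant("payroll", "alice", "SELECT")
    cat.drop_user("alice")
    orphans = cat.orphaned_acl_entries()  # visible only until the id is reused
    cat.create_user("bob")
    return orphans, cat.privileges("payroll", "bob")
```

Without either fix the stale entry is detectable only in the window between the drop and the next user creation; once the id is reused, it looks like a legitimate grant to the new user.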