"PostgreSQL Bugs List" <[EMAIL PROTECTED]> writes:
> It seems that GRANT ALL ON SCHEMA does not properly
> check for grantor rights.
What's happening is that pg_namespace_aclcheck() allows the operation
if you have GRANT OPTION for *any* of the rights to be granted. The
same problem exists for all object types.
I am not sure whether we should refuse the operation or just narrow
the set of privileges to those that are grantable per GRANT OPTION.
Peter, any thoughts?
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
