(2012/02/23 5:32), Alvaro Herrera wrote:
My only concern on the patch is+static void +AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId) +{ + Form_pg_foreign_server form; - srvId = HeapTupleGetOid(tup); form = (Form_pg_foreign_server) GETSTRUCT(tup); if (form->srvowner != newOwnerId) @@ -366,10 +388,15 @@ AlterForeignServerOwner(const char *name, Oid newOwnerId) /* Superusers can always do it */ if (!superuser()) { I wonder if superusers can always do it. For example, is it OK for superusers to change the ownership of a foreign server owned by old_role to new_role that doesn't have USAGE privilege on its foreign data wrapper.Well, permission checking are just what they were before the patch. I did not change them here. I didn't participate in the discussions that led to the current behavior, but as far as I know the guiding principle here is that superusers always can do whatever they please. Maybe what you point out is a bug in the behavior (both before and after my patch), but if so, please raise it separately.
OK. Thanks. Best regards, Etsuro Fujita -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
