Theoretically same kind of problem should arise even if the privilege is granted to a user also. To be specific I would like know the answers for the following Q's
Scenario 1: =========== User A grants privilege to group B with grant option. User C who is in group B grants privilege to user D If super user removes the user C from the group, then who is the grantee for the user D? And who can revoke revoke the privileges from user D? Scenario 2: =========== User A grants privilege to group 'B' and 'Z' with grant option. User C who is in group 'B' and 'Z' grants privilege to user D. If user C removed from the group 'B' then who will be the grantee for user 'D'? And who can revoke revoke the privileges from user D? If user C is removed from both the groups then who will be the grantee for the user? And who can revoke revoke the privileges from user D? Thanks & Regards, Ramu -----Original Message----- From: Peter Eisentraut [mailto:[EMAIL PROTECTED] Sent: Friday, January 09, 2004 8:11 PM To: Potuganti Ramu; [EMAIL PROTECTED] Subject: Re: [HACKERS] "with grant option" for user groups. > Following statement says that "with grant option" is not allowed to a user > group. I would like to know what the reasons behind not implementing > this kind of feature. Consider the following sequence of steps: in database 1: user A grants privilege to group B with grant option user C who is in group B grants privilege to user D in database 2: superuser removes user C from group B --> user D still has the privilege, because superuser doesn't have access to database 1 from his session If you can live with this problem, then you can remove the check from the source code and it should work. ---------------------------(end of broadcast)--------------------------- TIP 7: don't forget to increase your free space map settings
