On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
> Andrew Dunstan <[EMAIL PROTECTED]> writes:
>> Tom Lane wrote:
>>> Change the ownership of public in template1 to be a "dbadmin" group.
>>> Grant membership in "dbadmin" to all the DB owners. End of problem.
>
>> Won't that suddenly grant the own
Andrew Dunstan <[EMAIL PROTECTED]> writes:
> Tom Lane wrote:
>> Change the ownership of public in template1 to be a "dbadmin" group.
>> Grant membership in "dbadmin" to all the DB owners. End of problem.
> Won't that suddenly grant the owner of foo_db dbadmin rights in bar_db?
> That seems to v
Tom Lane wrote:
Change the ownership of public in template1 to be a "dbadmin" group.
Grant membership in "dbadmin" to all the DB owners. End of problem.
Won't that suddenly grant the owner of foo_db dbadmin rights in bar_db?
That seems to violate the principle of least surprise.
ch
On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
> Andrew - Supernews <[EMAIL PROTECTED]> writes:
>> On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
>>> Change the ownership of public in template1 to be a "dbadmin" group.
>>> Grant membership in "dbadmin" to all the DB owners. End of problem.
Andrew - Supernews <[EMAIL PROTECTED]> writes:
> On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
>> Change the ownership of public in template1 to be a "dbadmin" group.
>> Grant membership in "dbadmin" to all the DB owners. End of problem.
> Only if all db owners are equivalent.
If you don't
On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
> Andrew - Supernews <[EMAIL PROTECTED]> writes:
>> On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
>>> There is some merit in the thought that the DB owner should be able to
>>> grant and revoke access on the public schema, but that no longer
>
Andrew - Supernews <[EMAIL PROTECTED]> writes:
> On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
>> There is some merit in the thought that the DB owner should be able to
>> grant and revoke access on the public schema, but that no longer
>> requires ownership, only membership in an appropriate
On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
> Andrew - Supernews <[EMAIL PROTECTED]> writes:
>> On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
>>> There's considerable feeling that that TODO item is bogus anyway.
>
>> The issue that I've seen is that currently, allowing non-superusers to
Andrew - Supernews <[EMAIL PROTECTED]> writes:
> On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
>> There's considerable feeling that that TODO item is bogus anyway.
> The issue that I've seen is that currently, allowing non-superusers to
> create databases in a useful manner requires all sorts
On 2005-09-01, Tom Lane <[EMAIL PROTECTED]> wrote:
> Jaime Casanova <[EMAIL PROTECTED]> writes:
>> I see this TODO item:
>> * %Set proper permissions on non-system schemas during db creation
>> I think a quetion here is wich are non-system schemas?
>
> There's considerable feeling that that TODO it
Jaime Casanova <[EMAIL PROTECTED]> writes:
> I see this TODO item:
> * %Set proper permissions on non-system schemas during db creation
> I think a quetion here is wich are non-system schemas?
There's considerable feeling that that TODO item is bogus anyway.
It was pushed in by people who think th
Hi,
I see this TODO item:
* %Set proper permissions on non-system schemas during db creation
I think a quetion here is wich are non-system schemas?
i guess "public" is one of these... but in pg_namespace i have no way
to know that. Is there another way? or maybe we need an attribute to
know tha
12 matches
Mail list logo
