Re: pg_user permissions problem (Was: Re: [HACKERS] RE: New ecgp code problem.)

Michael Meskes <meskes@topsystem.de>

From: Michael Meskes <meskes@topsystem.de>
To: scrappy@hub.org (The Hermit Hacker)
Cc: pgsql-hackers@postgresql.org (PostgreSQL Hacker)
Date: 1998-02-19T13:13:06Z
Lists: pgsql-hackers
The Hermit Hacker writes:
> 	What is the chance of (how hard would it be to?) having a hard
> coded view setup that overrides the permissions lock on pg_user?  At what
> point is the lock implemented, software level, or file system?

I wasn't able to read data from a DB that I created with the very same user.
But I was able to connect, insert data etc. Why was that possible?

> 	All we would really need was:
> 
> 	create view all_users as select usename,usesysid from pg_user;
> 
> 	Which psql/odbc/ecgp/jdbc could call instead of what its doing
> now...

ecpg doesn't call anything like that. All I use is some PQ... functions. No
direct access to whatever user permission system we have. So does this have
to be changed in libpq?

Michael

-- 
Dr. Michael Meskes, Project-Manager    | topsystem Systemhaus GmbH
meskes@topsystem.de                    | Europark A2, Adenauerstr. 20
meskes@debian.org                      | 52146 Wuerselen
Go SF49ers! Go Rhein Fire!             | Tel: (+49) 2405/4670-44
Use Debian GNU/Linux!                  | Fax: (+49) 2405/4670-10