Re: [HACKERS] Here it is - view permissions

Bruce Momjian <maillist@candle.pha.pa.us>

From: Bruce Momjian <maillist@candle.pha.pa.us>
To: olly@lfix.co.uk (Oliver Elphick)
Cc: pgsql-hackers@hub.org
Date: 1998-02-23T22:35:09Z
Lists: pgsql-hackers
 > 
> Bruce Momjian wrote:
>   >All tables are created with default permissions for SELECT to PUBLIC, so
>   >views are no different.
> 
> Is this not contrary to the SQL standard?  I understood that SQL tables
> are created with permissions for their creator only; any permissions for
> other users must be granted explicitly.  According to "SQL The Standard
> Handbook" (Cannan & Otten, 1993), the owner of the schema in which a table
> is created is given a full set of privileges, and no other user can access

Will be the default in 6.3, I think.
 
> the table or even discover that it exists!
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Not in 6.3, or maybe ever.  Too much OO stuff for that, I think.

> 
> It certainly seems undesirable to give automatic access to data of unknown
> sensitivity.  Surely the default permission should be for the table's
> creator alone or for the owner of the PostgreSQL database (which I suppose 
> is equivalent to the `schema').
> 
> I see that Jan Wieck has posted a method for preventing world readability;
> perhaps this should just be flagged as a configurable option.


-- 
Bruce Momjian                          |  830 Blythe Avenue
maillist@candle.pha.pa.us              |  Drexel Hill, Pennsylvania 19026
  +  If your life is a hard drive,     |  (610) 353-9879(w)
  +  Christ can be your backup.        |  (610) 853-3000(h)