Re: bug in permission handling?

Gavin Sherry <swm@linuxworld.com.au>

From: Gavin Sherry <swm@linuxworld.com.au>
To: Peter Eisentraut <peter_e@gmx.net>
Cc: "Matthew T. O'Connor" <matthew@zeut.net>, Tom Lane <tgl@sss.pgh.pa.us>, Martin Renters <martin@datafax.com>, pgsql-hackers@postgresql.org
Date: 2002-01-26T05:27:32Z
Lists: pgsql-hackers
On Mon, 14 Jan 2002, Peter Eisentraut wrote:

> Matthew T. O'Connor writes:
> 
> > I think that extranious permissions whether they are misassgned to a new
> > user, or not assigned to anyone are a bad thing.
> 
> Well, Unix systems have been working like that for decades and no one has
> come up with a bright idea how to fix it.

Sorry to bring this up again a few weeks later. It occurs to me that this
really isn't an answer. When adding a new user to a UNIX system, the
relevant command would have *at least* to scan the entire file system to
determine if the max(uid + 1) (from /etc/passwd) owned anything. This is
unreasonable. 

In the case of postgres, however, all objects in the system are
necessarily registered in the system tables. One could easily determine a
sysid which owns no objects by scanning the attributes of those relations
which reference objects in the system -- pg_aggregate.aggowner,
pg_class.relowner, etc -- and add one to the maximum sysid found.

I was going to run up a patch for this, but it wold be premature given
the introduction of schemas in 7.3. Once implemented, it would be trivial
to add a test of schema ownership and incorporate this into the idea
above.

Gavin