Re: bug in permission handling?
Gavin Sherry <swm@linuxworld.com.au>
From: Gavin Sherry <swm@linuxworld.com.au>
To: Peter Eisentraut <peter_e@gmx.net>
Cc: "Matthew T. O'Connor" <matthew@zeut.net>, Tom Lane <tgl@sss.pgh.pa.us>, Martin Renters <martin@datafax.com>, pgsql-hackers@postgresql.org
Date: 2002-01-26T05:27:32Z
Lists: pgsql-hackers
On Mon, 14 Jan 2002, Peter Eisentraut wrote: > Matthew T. O'Connor writes: > > > I think that extranious permissions whether they are misassgned to a new > > user, or not assigned to anyone are a bad thing. > > Well, Unix systems have been working like that for decades and no one has > come up with a bright idea how to fix it. Sorry to bring this up again a few weeks later. It occurs to me that this really isn't an answer. When adding a new user to a UNIX system, the relevant command would have *at least* to scan the entire file system to determine if the max(uid + 1) (from /etc/passwd) owned anything. This is unreasonable. In the case of postgres, however, all objects in the system are necessarily registered in the system tables. One could easily determine a sysid which owns no objects by scanning the attributes of those relations which reference objects in the system -- pg_aggregate.aggowner, pg_class.relowner, etc -- and add one to the maximum sysid found. I was going to run up a patch for this, but it wold be premature given the introduction of schemas in 7.3. Once implemented, it would be trivial to add a test of schema ownership and incorporate this into the idea above. Gavin