Re: [HACKERS] Here it is - view permissions
Marc Fournier <scrappy@hub.org>
From: The Hermit Hacker <scrappy@hub.org>
To: Mattias Kregert <matti@algonet.se>
Cc: Bruce Momjian <maillist@candle.pha.pa.us>, pgsql-hackers@postgreSQL.org
Date: 1998-02-23T13:06:33Z
Lists: pgsql-hackers
On Mon, 23 Feb 1998, Mattias Kregert wrote: > Bruce Momjian wrote: > > > > OK, but why would anyone want the old behavior? > > > > I guess if you have a table that is not select-able by everyone, and you > > create a view on it, the default permits will allow select to others. > > You would have to set the permit on that view. Is there more to that > > pg_class flag you want to add? > > Why does views default to 'select' permission for 'public'? > I think most people will never think of the possibility that others > will be able to SELECT their data through views. > Should not 'create view' at least print a NOTICE about this? Considering how much security we are putting around everything else, is it unreasonably to have both 'create view'/'create table' default to 'revoke all' to public, and 'grant all' to owner?