Re: Do we want SYNONYMS?
От | Daniel Verite |
---|---|
Тема | Re: Do we want SYNONYMS? |
Дата | |
Msg-id | 1084b3db-00c0-4d37-beec-9097e420b84b@mm обсуждение исходный текст |
Ответ на | Re: Do we want SYNONYMS? (Tom Lane <tgl@sss.pgh.pa.us>) |
Ответы |
Re: Do we want SYNONYMS?
|
Список | pgsql-general |
Tom Lane wrote: > Taken at face value from a Postgres perspective, these statements seem > to imply that different ownership and permissions apply to a synonym > than to its referenced object; which seems like a completely horrid idea > from a security standpoint. But maybe they are only trying to say that > a synonym hides which *schema* the referenced object is in, and that is > tantamount to hiding the owner if you have the mindset that owner == > schema. Can anyone elucidate on just what is behind those statements? From http://download.oracle.com/docs/cd/B28359_01/network.111/b28531/authorization .htm#i1009141 [quote] A schema object and its synonym are equivalent with respect to privileges. That is, the object privileges granted on a table, view, sequence, procedure, function, or package apply whether referencing the base object by name or by using a synonym. [/quote] ... [quote] If you grant object privileges on a table, view, sequence, procedure, function, or package by referring to the object through a synonym for the object, then the effect is the same as if no synonym were used. [/quote] Best regards, -- Daniel PostgreSQL-powered mail user agent and storage: http://www.manitou-mail.org
В списке pgsql-general по дате отправления: