Re: DROP TABLE can be issued by schema owner as well as table owner

Поиск

Список

Период

Сортировка

От	Alvaro Herrera
Тема	Re: DROP TABLE can be issued by schema owner as well as table owner
Дата	20 мая 2011 г. 16:54:02
Msg-id	1305910393-sup-7762@alvh.no-ip.org обсуждение исходный текст
Ответ на	Re: DROP TABLE can be issued by schema owner as well as table owner (Derrick Rice <derrick.rice@gmail.com>)
Ответы	Re: DROP TABLE can be issued by schema owner as well as table owner (Guillaume Lelarge <guillaume@lelarge.info>)
Список	pgsql-docs

Дерево обсуждения

Excerpts from Derrick Rice's message of vie may 20 12:35:24 -0400 2011:
> On Fri, May 20, 2011 at 12:18 PM, Guillaume Lelarge
> <guillaume@lelarge.info>wrote:
>
> > Well, for a specific object, any superuser, the database owner, the
> > schema owner, and the object owner could drop the object. This is not a
> > vulnerability.
> >
>
> It is not documented clearly.  Any information not made clear is an
> opportunity for an error which leads to a vulnerability.

So we need a standard caveat stmt on all relevant pages?  Seems
reasonable to me.

--
Álvaro Herrera <alvherre@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

В списке pgsql-docs по дате отправления:

Предыдущее

От: Derrick Rice
Дата: 20 мая 2011 г., 16:35:33
Сообщение: Re: DROP TABLE can be issued by schema owner as well as table owner

Следующее

От: Guillaume Lelarge
Дата: 20 мая 2011 г., 17:24:35
Сообщение: Re: DROP TABLE can be issued by schema owner as well as table owner

Вход в личный кабинет

Восстановление пароля

Подтверждение аккаунта

Изменение пароля

Re: DROP TABLE can be issued by schema owner as well as table owner

Предыдущее

Следующее