> I have started coding a user/group administration tool that allows you
> to add/modify/delete users and groups. I should have something working
> in a week. I will look similar to my pgmonitor tool.
> semi related to this, I have always thought that the way postgresql
handles the deletion of users and groups to be flawed. If I create a user,
grant permissions on a table and then drop the user, permissions now exist
on that table for a user that does not exist. I see this as a possible
security flaw since a new user can then be created with the user id of the
ID user and have all the permissions that might have ever been assigned to
that old user. When a user is deleted, shouldn't all permissions associated
with that user be deleted also, I would think this could be handled with a
PK/ FK cascading delete type setup.
my 2¢
Matt O'Connor