Stephen Frost <sfrost@snowman.net> writes:
> * Neha Sharma (neha.sharma@enterprisedb.com) wrote:
>> I have observed that even if the user does not have permission on a
>> table(created in by some other user),the function parameter still can have
>> a parameter of that table_column%type.
> This is because the creation of the table also creates a type of the
> same name and the type's permissions are independent of the table's. I
> imagine that you could REVOKE USAGE ON TYPE from the type and deny
> access to that type if you wanted to.
Right. (I checked, seems to work as expected.)
> I'm not sure that we should change the REVOKE on the table-level to also
> mean to REVOKE access to the type automatically (and what happens if you
> GRANT the access back for the table..?
It seems pretty silly for privileges on table rowtypes to behave
differently from those on other rowtypes.
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers