Re: BUG #14131: BUG, schema owner can drop otheruser's object in it's schema
От | 德哥 |
---|---|
Тема | Re: BUG #14131: BUG, schema owner can drop otheruser's object in it's schema |
Дата | |
Msg-id | 1f2ec8ca.bd64.1549b57aac8.Coremail.digoal@126.com обсуждение исходный текст |
Ответ на | Re: BUG #14131: BUG, schema owner can drop otheruser's object in it's schema (Tom Lane <tgl@sss.pgh.pa.us>) |
Список | pgsql-bugs |
<div style="line-height:1.7;color:#000000;font-size:14px;font-family:Arial"><div style="position:relative;zoom:1">Yes, databaseowner can drop database direct, but it can not drop object in database direct. </div><div style="position:relative;zoom:1">butschema owner can drop object in schema direct. </div><div style="position:relative;zoom:1">Ithink this is not good for a Enterprise Database system.</div><div style="position:relative;zoom:1"><br/></div><div style="position:relative;zoom:1"><div style="position:relative;zoom:1">postgres=>\c postgres r1</div><div style="position:relative;zoom:1">You are now connectedto database "postgres" as user "r1".</div><div style="position:relative;zoom:1">postgres=> create database db1;</div><divstyle="position:relative;zoom:1">CREATE DATABASE</div><div style="position:relative;zoom:1">postgres=> grantall on database db1 to r2;</div><div style="position:relative;zoom:1">GRANT</div><div style="position:relative;zoom:1">postgres=>\c db1 r2</div><div style="position:relative;zoom:1">You are now connectedto database "db1" as user "r2".</div><div style="position:relative;zoom:1">db1=> create schema r2;</div><divstyle="position:relative;zoom:1">CREATE SCHEMA</div><div style="position:relative;zoom:1">db1=> create tabler2.t(id int);</div><div style="position:relative;zoom:1">CREATE TABLE</div><div style="position:relative;zoom:1">db1=>insert into t select generate_series(1,100);</div><div style="position:relative;zoom:1">INSERT0 100</div><div style="position:relative;zoom:1">db1=> \c db1 postgres</div><divstyle="position:relative;zoom:1">You are now connected to database "db1" as user "postgres".</div><divstyle="position:relative;zoom:1">db1=# create table t(id int);</div><div style="position:relative;zoom:1">CREATETABLE</div><div style="position:relative;zoom:1">db1=# insert into t select generate_series(1,100);</div><divstyle="position:relative;zoom:1">INSERT 0 100</div><div style="position:relative;zoom:1"><divstyle="position:relative;zoom:1">postgres=> \c db1 r1</div><div style="position:relative;zoom:1">Youare now connected to database "db1" as user "r1".</div><div style="position:relative;zoom:1">db1=>drop table r2.t ;</div><div style="position:relative;zoom:1">ERROR: permissiondenied for schema r2</div><div style="position:relative;zoom:1">db1=> drop table public.t ;</div><div style="position:relative;zoom:1">ERROR: must be owner of relation t</div><div style="position:relative;zoom:1">db1=> dropschema r2;</div><div style="position:relative;zoom:1">ERROR: must be owner of schema r2</div><div style="position:relative;zoom:1">db1=>drop schema public;</div><div style="position:relative;zoom:1">ERROR: must be ownerof schema public</div><div style="position:relative;zoom:1">db1=> \c postgres r1</div><div style="position:relative;zoom:1">Youare now connected to database "postgres" as user "r1".</div><div style="position:relative;zoom:1">postgres=>drop database r1;</div><div style="position:relative;zoom:1">ERROR: database"r1" does not exist</div><div style="position:relative;zoom:1">postgres=> drop database db1;</div><div style="position:relative;zoom:1">DROPDATABASE</div></div></div><div style="position:relative;zoom:1"><br /></div><div style="position:relative;zoom:1">regards,digoal<div style="clear:both"></div></div><div id="divNeteaseMailCard"></div><br/><pre><br />At 2016-05-10 21:59:13, "Tom Lane" <tgl@sss.pgh.pa.us> wrote: >digoal@126.com writes: >> schema r1's owenr is r1. >> i create two table in schema r1, these table's owner is r2 and postgres. but >> schema r1's owner r1 can drop r2 and postgres's table in schema r1. > >This is the intended and documented behavior. It's no different than >if a database owner chooses to drop a database. > > regards, tom lane </pre></div>
В списке pgsql-bugs по дате отправления:
Предыдущее
От: "David G. Johnston"Дата:
Сообщение: Re: BUG #14131: BUG, schema owner can drop otheruser's object in it's schema
Следующее
От: 德哥Дата:
Сообщение: Re: BUG #14131: BUG, schema owner can drop otheruser's object in it's schema