-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 13 Dec 2007 14:55:53 +0900
Paul Lambert <paul.lambert@reynolds.com.au> wrote:
> > The analogy to think about is that usage privilege on a schema is
> > comparable to read access on a directory. That doesn't necessarily
> > give you access to any single file in the directory --- but lack of
> > it does ensure you cannot get to those files.
> >
> > regards, tom lane
> Point taken and yes, I would agree that default behavior should be to
> not give priviledges to anything other than the explicitly defined
> object - but would it not be a good idea to provide some sort of
> cascade/recurse option to granting/revoking privileges so that doing
> so on a container object results in the priviledges being propogated
> down the line for the cases where such is desired?
Yes and it has been oft requested. However :), nobody has coded a patch
or submitted a proposal on how it would be done in a maintainable
manner.
>
> Taking your example of file permissions - although it is not default
> behavior, it is possible to recursively apply a priviledge change to
> a directory onto files/subdirectories within it. Certainly it can be
> done on OpenVMS and Windows that I work with primarily and I'm 99%
> sure it can be done on *ix systems too.
Yes *ix can do it to.
Sincerely,
Joshua D. Drake
- --
The PostgreSQL Company: Since 1997, http://www.commandprompt.com/
Sales/Support: +1.503.667.4564 24x7/Emergency: +1.800.492.2240
Donate to the PostgreSQL Project: http://www.postgresql.org/about/donate
SELECT 'Training', 'Consulting' FROM vendor WHERE name = 'CMD'
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHYX60ATb/zqfZUUQRAkK1AKCY8i5bHTUChaUp2LcovnSdgrwq+wCdHlCW
TdBpE7HUUVyr2OmzSnNQUKw=
=Ci4R
-----END PGP SIGNATURE-----