Tom Lane wrote:
> Taken at face value from a Postgres perspective, these statements seem
> to imply that different ownership and permissions apply to a synonym
> than to its referenced object; which seems like a completely horrid idea
> from a security standpoint. But maybe they are only trying to say that
> a synonym hides which *schema* the referenced object is in, and that is
> tantamount to hiding the owner if you have the mindset that owner ==
> schema. Can anyone elucidate on just what is behind those statements?
From
http://download.oracle.com/docs/cd/B28359_01/network.111/b28531/authorization
.htm#i1009141
[quote]
A schema object and its synonym are equivalent with respect to privileges.
That is, the object privileges granted on a table, view, sequence, procedure,
function, or package apply whether referencing the base object by name or by
using a synonym.
[/quote]
...
[quote]
If you grant object privileges on a table, view, sequence, procedure,
function, or package by referring to the object through a synonym for the
object, then the effect is the same as if no synonym were used.
[/quote]
Best regards,
--
Daniel
PostgreSQL-powered mail user agent and storage: http://www.manitou-mail.org