Q1: Who can explain the privilage of the superuser ? In postgresql's document£¬Part VI. Reference,SQL Commands,GRANT, it said:
It should be noted that database superusers can access all objects regardless of object privilege settings. Q2: Why PostgreSQL check whether the view1'sowner had peivilage for tb2 when run "select * from view1;" ? (Dongni's test case) In Dongni's test case, current user is superuser when run "select * from view1;" . Reading the pg_class_aclmask() in aclchk.c, I found PG claim the current object's owner(current object is view1) should have the select privilage for table tb2. I dno't usderstant why do it so? regards, hx.li "Tom Lane" <t...@sss.pgh.pa.us> дÈëÏûÏ¢ÐÂÎÅ:7536.1256911...@sss.pgh.pa.us... > No, that would be a bad idea. Your proposal essentially means that it's > impossible for a superuser to give up rights when calling a setuid > function or view. That would be a serious security hazard. > > regards, tom lane > > -- > Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-bugs > -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
