The Hermit Hacker writes:
> What is the chance of (how hard would it be to?) having a hard
> coded view setup that overrides the permissions lock on pg_user? At what
> point is the lock implemented, software level, or file system?
I wasn't able to read data from a DB that I created with the very same user.
But I was able to connect, insert data etc. Why was that possible?
> All we would really need was:
>
> create view all_users as select usename,usesysid from pg_user;
>
> Which psql/odbc/ecgp/jdbc could call instead of what its doing
> now...
ecpg doesn't call anything like that. All I use is some PQ... functions. No
direct access to whatever user permission system we have. So does this have
to be changed in libpq?
Michael
--
Dr. Michael Meskes, Project-Manager | topsystem Systemhaus GmbH
meskes@topsystem.de | Europark A2, Adenauerstr. 20
meskes@debian.org | 52146 Wuerselen
Go SF49ers! Go Rhein Fire! | Tel: (+49) 2405/4670-44
Use Debian GNU/Linux! | Fax: (+49) 2405/4670-10