Обсуждение: Proposal : changing table ownership

Syntax:

ALTER TABLE <table> OWNER TO <newowner>

Security:

The owner of a table will be able to change the owner to any other user.
The superuser will NOT have special privileges.

-- 

Mark Hollomon
mhh@nortelnetworks.com
ESN 451-9008 (302)454-9008

"Mark Hollomon" <mhh@nortelnetworks.com> writes:
> ALTER TABLE <table> OWNER TO <newowner>

> The owner of a table will be able to change the owner to any other user.

Doesn't this create risks parallel to file give-away (chown) in Unix?
A lot of Unices disallow chown except to the superuser.

Tables aren't currently active objects, but we've been talking about
things like making trigger functions run "setuid" to the table owner.
If that happens then table ownership giveaway is a big security hole.

> The superuser will NOT have special privileges.

Say *what* ?  That's just silly.
        regards, tom lane

On Fri, 8 Sep 2000, Tom Lane wrote:

> "Mark Hollomon" <mhh@nortelnetworks.com> writes:
> > ALTER TABLE <table> OWNER TO <newowner>
> 
> > The owner of a table will be able to change the owner to any other user.
> 
> Doesn't this create risks parallel to file give-away (chown) in Unix?
> A lot of Unices disallow chown except to the superuser.

Agreed ...

> Tables aren't currently active objects, but we've been talking about
> things like making trigger functions run "setuid" to the table owner.
> If that happens then table ownership giveaway is a big security hole.
> 
> > The superuser will NOT have special privileges.
> 
> Say *what* ?  That's just silly.

*Only* superuser should be able to run the above command ... 

The Hermit Hacker wrote:
>
> > "Mark Hollomon" <mhh@nortelnetworks.com> writes:
> > > ALTER TABLE <table> OWNER TO <newowner>
>
> *Only* superuser should be able to run the above command ...


Fine with me.

-- 

Mark Hollomon
mhh@nortelnetworks.com
ESN 451-9008 (302)454-9008