Re: RFC: common database policy/infrastracture
> In PostgreSQL, any user that can create other users is the equivalent of
> superuser;
Or so the 7.4 docs say.
> he can do anything to any database.
If that were so ...
> It is not acceptable for
> a database application package to create such users.
... this would hold true.
However, if I create a table as "postgres" in a database and
then connect as user "gm-dbowner" (which is our application
admin account with CREATEUSER and CREATEDB rights) I can *not*
insert into that table. Which seems to go contrary to what the
docs say.
Also, usesuper in pg_user is FALSE for gm-dbowner.
What is the definitive deal ?
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
Reply to: