From: Guillaume Lelarge
To: Derrick Rice
CC: pgsql-docs@postgresql.org
Date: Fri, 20 May 2011 18:18:13 +0200
Subject: Re: DROP TABLE can be issued by schema owner as well as table owner
Message-ID: <4DD69445.3070507@lelarge.info>

On 05/20/2011 05:42 PM, Derrick Rice wrote:
> According to
>
> http://www.postgresql.org/docs/9.0/interactive/sql-droptable.html
>
> "DROP TABLE removes tables from the database. Only its owner can drop a
> table."
>
> In fact, the schema owner can drop the table, which is clearly stated here:
>
> http://www.postgresql.org/docs/9.0/interactive/sql-dropschema.html
>
> "A schema can only be dropped by its owner or a superuser. Note that the
> owner can drop the schema (and thereby all contained objects) even if he
> does not own some of the objects within the schema."
>
> There are likely other places besides the DROP TABLE page which can be
> misleading with regard to ability to drop a table. This should be made more
> clear, since in (possibly contrived) circumstances, being able to drop a
> table and recreate an exactly similar table may be a vulnerability (if the
> design assumed the table could only be dropped by the owner).
>
> (Just joined the list to post this -- sorry if it has already been brought
> up)
>

Well, for a specific object, any superuser, the database owner, the schema owner, and the object owner could drop the object. This is not a vulnerability.

--
Guillaume
http://www.postgresql.fr
http://dalibo.com
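The behaviour discussed in this thread, as an added psql demonstration that is not part of the original messages or of the PostgreSQL documentation: a schema owner drops a table it does not own, while an unrelated role is refused. The role names (schema_owner, table_owner, bystander), the schema app and the table app.secrets are made up for the demo, and the audit query at the end is my own check for listing which roles can drop a given table (superuser, or holding the privileges of the table owner or of the schema owner).

```sql
-- Added example: run in psql as a superuser; psql's autocommit lets the
-- intentionally failing DROP below error out without aborting the script.
-- All role, schema and table names here are made up for the demonstration.

CREATE ROLE schema_owner LOGIN;
CREATE ROLE table_owner  LOGIN;
CREATE ROLE bystander    LOGIN;

-- Schema owned by one role, table inside it created (and owned) by another.
CREATE SCHEMA app AUTHORIZATION schema_owner;
GRANT CREATE, USAGE ON SCHEMA app TO table_owner;
GRANT USAGE ON SCHEMA app TO bystander;

SET ROLE table_owner;
CREATE TABLE app.secrets (id int PRIMARY KEY, token text);
RESET ROLE;

-- Audit check (my own query, not from the docs): who can drop app.secrets?
-- Ownership checks in PostgreSQL accept the owner role itself or any role that
-- holds its privileges without SET ROLE, which is what pg_has_role(..., 'USAGE')
-- reports; superusers pass unconditionally.
SELECT r.rolname,
       r.rolsuper
       OR pg_has_role(r.oid, c.relowner, 'USAGE')   -- owner of the table
       OR pg_has_role(r.oid, n.nspowner, 'USAGE')   -- owner of the schema
       AS can_drop
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
CROSS JOIN pg_roles r
WHERE c.oid = 'app.secrets'::regclass
  AND r.rolname IN ('table_owner', 'schema_owner', 'bystander')
ORDER BY r.rolname;
-- bystander: false, schema_owner: true, table_owner: true

-- A role with no ownership relationship is refused.
SET ROLE bystander;
DROP TABLE app.secrets;   -- fails: must be owner of the relation
RESET ROLE;

-- The schema owner, who does not own the table, succeeds.
SET ROLE schema_owner;
DROP TABLE app.secrets;   -- succeeds
RESET ROLE;

-- Cluster-wide version of the check: every ordinary table whose schema is
-- owned by a different role than the table itself, i.e. a second role that
-- can drop (and recreate) it besides the table owner and superusers.
SELECT n.nspname AS schema,
       c.relname AS table,
       t.rolname AS table_owner,
       s.rolname AS schema_owner
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
JOIN pg_roles t ON t.oid = c.relowner
JOIN pg_roles s ON s.oid = n.nspowner
WHERE c.relkind = 'r'
  AND t.oid <> s.oid
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND n.nspname NOT LIKE 'pg_toast%'
ORDER BY 1, 2;

-- Cleanup.
DROP SCHEMA app CASCADE;
DROP ROLE bystander, table_owner, schema_owner;
```

The practical takeaway for a design that relies on "only the table owner can drop this table" is that the set of roles able to drop it is the union of superusers, the table owner's role tree and the schema owner's role tree, so the second query above belongs in a privilege audit alongside the usual GRANT review.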