public inbox for [email protected]
From: Robert Haas <[email protected]>
To: Derrick Rice <[email protected]>
Cc: [email protected]
Subject: Re: DROP TABLE can be issued by schema owner as well as table owner
Date: Mon, 13 Jun 2011 12:51:38 -0400
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>

On Fri, May 20, 2011 at 11:42 AM, Derrick Rice <[email protected]> wrote:
> According to
>
> http://www.postgresql.org/docs/9.0/interactive/sql-droptable.html
>
> "DROP TABLE removes tables from the database. Only its owner can drop a
> table."
>
> In fact, the schema owner can drop the table, which is clearly stated here:
>
> http://www.postgresql.org/docs/9.0/interactive/sql-dropschema.html
>
> "A schema can only be dropped by its owner or a superuser. Note that the
> owner can drop the schema (and thereby all contained objects) even if he
> does not own some of the objects within the schema."

The sentence really should be written in a way that indicates that we're
talking about who can execute this particular command, rather than who
can manage to accomplish the removal of the object. I don't think
it's practical to document the latter. We'd have to include:

- the owner of the table
- the superuser
- the schema owner, since they could drop the entire schema
- the database owner, since they could drop the entire database
- the system administrator, since they could delete the entire data
  directory, or any part of it
- the person with physical control of the machine, since they could
  remove and wipe the disk
- any world leader with access to nuclear weapons, since they could...
  well, you get the idea

Even if we excluded the last few, it would be quite wordy to
recapitulate this for every object type. I suggest we steal the
phraseology from "DROP FOREIGN DATA WRAPPER", which reads:

    To execute this command, the current user must be the owner of the
    foreign-data wrapper.

The phrase "to execute this command" makes the scope of what follows
clear: it's just who can run this command, NOT who might be able by
indirect means to get rid of the object. To cover all bases, we could
add ", or the superuser" to the end of the sentence.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
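
An added example, not part of the original message or of the PostgreSQL documentation: catalog queries an administrator can run to see which roles, other than a table's owner, fall into the database-level categories listed in the message above (schema owner, database owner, superuser). They use the standard pg_class, pg_namespace, pg_database and pg_roles catalogs; the column aliases are chosen here for illustration.

```sql
-- Added example: ordinary tables whose owner differs from the owner of the
-- containing schema or of the current database. For each row, a role other
-- than table_owner can remove the table by dropping the enclosing object.
SELECT n.nspname                   AS schema_name,
       c.relname                   AS table_name,
       pg_get_userbyid(c.relowner) AS table_owner,
       pg_get_userbyid(n.nspowner) AS schema_owner,
       pg_get_userbyid(d.datdba)   AS database_owner
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
JOIN pg_database  d ON d.datname = current_database()
WHERE c.relkind = 'r'                                   -- ordinary tables only
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND n.nspname NOT LIKE 'pg_toast%'                    -- skip TOAST schemas
  AND n.nspname NOT LIKE 'pg_temp%'                     -- skip per-session temp schemas
  AND (c.relowner <> n.nspowner OR c.relowner <> d.datdba)
ORDER BY n.nspname, c.relname;

-- Roles that bypass ownership checks entirely.
SELECT rolname AS superuser_role
FROM pg_roles
WHERE rolsuper
ORDER BY rolname;
```

The first query only sees the database it is run in, so it has to be repeated per database; the second is cluster-wide.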