Date: Mon, 13 Jun 2011 12:51:38 -0400
Subject: Re: DROP TABLE can be issued by schema owner as well as table owner
From: Robert Haas
To: Derrick Rice
Cc: pgsql-docs@postgresql.org

On Fri, May 20, 2011 at 11:42 AM, Derrick Rice wrote:
> According to
>
> http://www.postgresql.org/docs/9.0/interactive/sql-droptable.html
>
> "DROP TABLE removes tables from the database. Only its owner can drop a
> table."
>
> In fact, the schema owner can drop the table, which is clearly stated here:
>
> http://www.postgresql.org/docs/9.0/interactive/sql-dropschema.html
>
> "A schema can only be dropped by its owner or a superuser. Note that the
> owner can drop the schema (and thereby all contained objects) even if he
> does not own some of the objects within the schema."

The sentence really should be written in a way that indicates that we're
talking about who can execute this particular command, rather than who
can manage to accomplish the removal of the object. I don't think it's
practical to document the latter. We'd have to include:

- the owner of the table
- the superuser
- the schema owner, since they could drop the entire schema
- the database owner, since they could drop the entire database
- the system administrator, since they could delete the entire data
  directory, or any part of it
- the person with physical control of the machine, since they could
  remove and wipe the disk
- any world leader with access to nuclear weapons, since they could...
  well, you get the idea

Even if we excluded the last few, it would be quite wordy to
recapitulate this for every object type. I suggest we steal the
phraseology from "DROP FOREIGN DATA WRAPPER", which reads:

    To execute this command, the current user must be the owner of the
    foreign-data wrapper.

The phrase "to execute this command" makes the scope of what follows
clear: it's just who can run this command, NOT who might be able by
indirect means to get rid of the object. To cover all bases, we could
add ", or the superuser" to the end of the sentence.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
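
Added example, not part of the original message or of the PostgreSQL documentation: a script for a scratch PostgreSQL database, run as a superuser, that exercises the behaviour named in the subject line and lists the tables it affects. The roles `schema_boss`, `tbl_owner`, `bystander`, the schema `app` and the table `app.orders` are constructed for illustration.

```sql
-- Constructed roles: one owns the schema, one owns a table inside it,
-- and one has only USAGE on the schema.
CREATE ROLE schema_boss NOLOGIN;
CREATE ROLE tbl_owner   NOLOGIN;
CREATE ROLE bystander   NOLOGIN;

CREATE SCHEMA app AUTHORIZATION schema_boss;
GRANT USAGE, CREATE ON SCHEMA app TO tbl_owner;
GRANT USAGE         ON SCHEMA app TO bystander;

-- The table is created, and therefore owned, by tbl_owner.
SET ROLE tbl_owner;
CREATE TABLE app.orders (id int);
RESET ROLE;

-- Audit query: tables whose owner is not the owner of the containing
-- schema. For each row, the schema owner is a second role that can
-- drop the table.
SELECT n.nspname                   AS schema_name,
       c.relname                   AS table_name,
       pg_get_userbyid(c.relowner) AS table_owner,
       pg_get_userbyid(n.nspowner) AS schema_owner
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
WHERE c.relkind IN ('r', 'p')      -- ordinary and partitioned tables
  AND c.relowner <> n.nspowner
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND n.nspname !~ '^pg_toast';

-- bystander owns neither the table nor the schema: the command is rejected.
SET ROLE bystander;
DROP TABLE app.orders;
RESET ROLE;

-- schema_boss does not own the table but owns the schema: the same
-- DROP TABLE command is accepted.
SET ROLE schema_boss;
DROP TABLE app.orders;
RESET ROLE;

-- Cleanup of the constructed objects.
DROP SCHEMA app;
DROP ROLE schema_boss, tbl_owner, bystander;
```

Run it outside a transaction block so the rejected `DROP TABLE` does not abort the statements that follow.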