Tom Lane wrote: > Taken at face value from a Postgres perspective, these statements seem > to imply that different ownership and permissions apply to a synonym > than to its referenced object; which seems like a completely horrid idea > from a security standpoint. But maybe they are only trying to say that > a synonym hides which *schema* the referenced object is in, and that is > tantamount to hiding the owner if you have the mindset that owner == > schema. Can anyone elucidate on just what is behind those statements? From http://download.oracle.com/docs/cd/B28359_01/network.111/b28531/authorization .htm#i1009141 [quote] A schema object and its synonym are equivalent with respect to privileges. That is, the object privileges granted on a table, view, sequence, procedure, function, or package apply whether referencing the base object by name or by using a synonym. [/quote] ... [quote] If you grant object privileges on a table, view, sequence, procedure, function, or package by referring to the object through a synonym for the object, then the effect is the same as if no synonym were used. [/quote] Best regards, -- Daniel PostgreSQL-powered mail user agent and storage: http://www.manitou-mail.org -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
