All right, I give up. I guess no one seems to want to admit this is a
bad security policy, or accurately document it. Does that make it an
easter egg?

On Thu, Jul 20, 2006 at 01:59:43PM -0400, Bruce Momjian wrote:
> OK, text again updated:
>        For schemas, allows access to objects contained in the specified
>        schema (assuming that the objects' own privilege requirements are
>        also met).  Essentially this allows the grantee to <quote>look up</>
>        objects within the schema.  Without this permission, it is still
>        possible to see the object names, e.g. by querying the system tables.
>        Also, after revoking this permission, existing backends might have
>        statements that have previously performed this lookup, so this is not
>        a completely secure way to prevent object access.

---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster

Reply via email to