On Thu, Oct 20, 2011 at 9:56 AM, Derrick Rice wrote:
> If I recall correctly, it's the username and the password concatenated
> and md5'd, then "md5" prepended.
>
> USER=...
> PASS=...
> MD5=`echo $USER$PASS | md5sum | cut -d' ' -f1`
> echo
On Wed, Oct 19, 2011 at 3:04 PM, Fred Cox wrote:
>
> On http://www.postgresql.org/docs/9.1/interactive/sql-createrole.html there
> is mention of a possibility of setting a password for a new role by supplying
> it in md5 format. This format doesn't seem to be documented.
> "If the presented pas
> The sentence really should be written a way that indicates that we're
> talking about who can execute this particular command, rather than who
> can manage to accomplish the removal of the object. I don't think
> it's practical to document the latter. We'd have to include:
>
> - the owner of th
On Fri, May 20, 2011 at 12:18 PM, Guillaume Lelarge
wrote:
> Well, for a specific object, any superuser, the database owner, the
> schema owner, and the object owner could drop the object. This is not a
> vulnerability.
>
It is not documented clearly. Any information not made clear is an
opportu
According to
http://www.postgresql.org/docs/9.0/interactive/sql-droptable.html
"DROP TABLE removes tables from the database. Only its owner can drop a
table."
In fact, the schema owner can drop the table, which is clearly stated here:
http://www.postgresql.org/docs/9.0/interactive/sql-dropschem
