You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by Daniel John Debrunner <dj...@debrunners.com> on 2005/11/01 01:40:47 UTC
Re: Grant and Revoke ... DERBY-464...
Satheesh Bandaram wrote:
> Hi
>
> I just attached my proposal to enhance Derby by adding Grant and Revoke
> capability to DERBY-464
> <http://issues.apache.org/jira/browse/DERBY-464>. Hope this leads to
> many other enhancements to Derby in the access-control and security
> areas to make Derby much more capable in client-server configurations.
>
[snip]
>
> When a table, view, function, or procedure is created its owner
> (creator) has full privileges on it. No other user has any privileges on
> it until the owner grants privileges.
Can those permissions, the owner's, be revoked?
Ie. if I a create table, can I then revoke DELETE permission on it, from
myself? So that no-one can perform a DELETE.
Dan.
Re: Grant and Revoke ... DERBY-464...
Posted by Daniel John Debrunner <dj...@debrunners.com>.
Satheesh Bandaram wrote:
> I wasn't planning on supporting that... An authorization ID can not
> revoke a privilege from itself... Same as when an authorization ID tries
> to GRANT itself some privilege.
OK, just wanted to confirm what was being proposed.
Thanks,
Dan.
>
> Satheesh
>
> Daniel John Debrunner wrote:
>
>
>>Can those permissions, the owner's, be revoked?
>>
>>Ie. if I a create table, can I then revoke DELETE permission on it, from
>>myself? So that no-one can perform a DELETE.
>>
>>Dan.
>>
>>
>>
>>
>>
>>
>
>
>
Re: Grant and Revoke ... DERBY-464...
Posted by Satheesh Bandaram <sa...@Sourcery.Org>.
I wasn't planning on supporting that... An authorization ID can not
revoke a privilege from itself... Same as when an authorization ID tries
to GRANT itself some privilege.
Satheesh
Daniel John Debrunner wrote:
>Can those permissions, the owner's, be revoked?
>
>Ie. if I a create table, can I then revoke DELETE permission on it, from
>myself? So that no-one can perform a DELETE.
>
>Dan.
>
>
>
>
>
>