Upgrade to at least PostgreSQL v14 and run GRANT read_all_data, write_all_data TO myuser;

If the underlying table/view of the MV is dropped, is the MV also dropped? In a way. If a view has a dependency, such as a materialized view, an attempt to simply DROP VIEW would fail with: ERROR: cannot drop view v_test because other objects depend on it DETAIL: materialized view mv_test depends on view v_test HINT: Use DROP ... CASCADE to drop the dependent objects too. If you then take the hint and do DROP VIEW .. CASCADE, all dependencies (and their dependencies) will also be dropped.

As mustaccio pointed out, a local path is not going to be accessible from the SQL Server, which is the error you're receiving regarding "D:/My_Files/my_file.txt. It's looking for a file on the drive on the server that your SQL instance is installed on (not your local computer's drive). You may be able to create a network share to that folder and reference it by UNC path in the SQL Server instance though. How to do that is more so in the scope of a https://serverfault.com/ question. Alternatively you can add code in your Java program to read the local file and then do a BULK INSERT command from the app to your database.

Members of db_datareader can in fact read any table/view in any schema. Which is why it's often advised not to use this role if you need finegrained access control. You could create a new 'common_read' role, and just assign your users/groups to that one - and make a more restrictive grant (ie. don't grant access to 'secret_schema') To copy role-assignments: -- execute this, copy the output to query window and execute select concat('exec sp_addrole_member ''common_read'', ',rp.name,''';') from sys.database_role_members rm join sys.database_principals dp on (rm.role_principal_id = dp.principal_id) join sys.database_principals rp ON (rm.member_principal_id = rp.principal_id) where dp.name='db_datareader' In a pinch, you can always DENY access to a schema. This will trump any GRANT, so create a role, assign the members from db_datareader and DENY access to 'secret_schema'. But it's sort of a backwards way of doing it as it will require managing role memberships twice.

Right. You cannot GRANT the right to ALTER or DROP a table. Only the table owner or a superuser can do that. https://www.postgresql.org/docs/current/ddl-priv.html describes that: The right to modify or destroy an object is inherent in being the object's owner, and cannot be granted or revoked in itself. (However, like all privileges, that right can be inherited by members of the owning role; see https://www.postgresql.org/docs/current/role-membership.html )

The dbmanager role is a database role not a server role. That database role only exists in the master database. I.e., you have to create a user in the master database for the login in question and add that user to the dbmanager role. As seen below: CREATE LOGIN test WITH PASSWORD=N'Passw0rd' GO --Fails: ALTER ROLE dbmanager ADD MEMBER test GO CREATE USER testUsr FOR LOGIN test GO --Executes successfully: ALTER ROLE dbmanager ADD MEMBER testUsr GO

Your user obviously has the DBA role. Look into this SELECT granted_role FROM dba_role_privs where grantee='xxx'; where xxx is the name of your user (in capital letters usually)

Indeed, why not? Even if it is unusual, there is nothing wrong with managing your application users with database roles. As you say, it would make using row level security straightforward. Here are two potential problems to be aware of: You won't be able to use a connection pool effectively, since connections can only be reused for the same database user. Make sure to handle object permissions and policies via group roles. If you directly grant permissions to the end user, creating new users and dropping old ones becomes unnecessarily complicated.

First, try connecting to your container database as SYS instead of SYSTEM. SYSTEM is a template DBA account, but SYS (or any user with SYSDBA privileges, which effectively makes them SYS) is more powerful and must be used for some specific commands. connect sys as sysdba; Next, your xepdb2 database is already open in "READ WRITE" mode, so you don't need to open it again. Last, open your BOOKSHOP database with: alter pluggable database bookshop open; Conceptually, think of pluggable databases the same way you would think of a virtual machine in relation to a bare metal server. It's a logical construct that allows you to consolidate and share certain resources on the database server. The container database (CDB) is somewhat like your hypervisor: you generally don't mess with it except to create pluggable databases (PDBs), or perform certain system-level activities like backup and recovery. All of your application schemas and constructs go in the PDBs.

There is no way to do this using permissions. The only option would be to create an https://www.postgresql.org/docs/current/event-triggers.html that throws an exception if an undesirable object is created.

Check out the Microsoft Migration Assistant to handle this task: https://www.microsoft.com/en-us/download/details.aspx?id=53595 I found it quite valuable when moving from 2017 to 2019.

To examine the effective permissions on an object for a user, connect as or impersonate the user and run with c as ( SELECT concat(quotename(schema_name(schema_id)),'.', quotename(name)) fn from sys.objects o where o.is_ms_shipped = 0 ) Select * from c cross apply fn_my_permissions(c.fn,'OBJECT') p where subentity_name = '' Note that there is an edge case that will cause an object not to appear in this view, which is when the user running the query lacks VIEW DEFINITION on the target object, which you can work around by listing the objects before impersonating the target user, eg DECLARE @objects table (fn nvarchar(255)) insert into @objects(fn) SELECT concat(quotename(schema_name(schema_id)),'.', quotename(name)) fn from sys.objects o where o.is_ms_shipped = 0 execute as user='someuser'; with c as ( SELECT * FROM @objects ) Select * from c cross apply fn_my_permissions(c.fn,'OBJECT') p where subentity_name = '' revert And you can examine all the object, schema, and database grants like this: select case when class_desc = 'OBJECT_OR_COLUMN' then schema_name(o.schema_id) + '.' + o.name when class_desc = 'DATABASE' then 'DATABASE' when class_desc = 'SCHEMA' then 'schema::' + schema_name(p.major_id) end name, o.type_desc, u.name grantee, p.class_desc, p.permission_name, p.state_desc from sys.database_permissions P join sys.database_principals u on u.principal_id = p.grantee_principal_id left join sys.objects o on p.major_id = o.object_id where class_desc in( 'OBJECT_OR_COLUMN', 'DATABASE', 'SCHEMA') and p.major_id >= 0

You have to grant the “default” default privileges: ALTER DEFAULT PRIVILEGES FOR ROLE xyz GRANT EXECUTE ON FUNCTIONS TO PUBLIC; ALTER DEFAULT PRIVILEGES FOR ROLE xyz GRANT EXECUTE ON FUNCTIONS TO xyz; Then you should be able to drop the role.

When a user is informed that they no longer have access to the resources they were viewing, they have a choice to make: continue pursuing the goal with a different account abandon their current goal and start something new. The current design provides them an option for continuing to pursue their goal. The option that's missing is to help them step back to pursue a new goal. Consider adding a button that says something like Return Home, Back to Dashboard, or similar. If the larger context of this page still shows the application's navigation, it might seem redundant, and it is. However, there is benefit in allowing the user to see both options (e.g. Return Home and Use a different account) side by side and act on them explicitly. Currently, the user sees "Surprise! You've lost access to this page. Now choose from all of the application what to work on next." The user is likely still thinking about the loss of access. Only once they're done with that will they be ready to take a step back and start something new. This button would let them step back when they're ready. This provides an effective mental break for the user to step out of their current workflow before shifting their mindset into what to start next.

Best practice research: Jira and other issue trackers are very good examples for this problem. In Jira, you can assign people to issues, give them roles, rights etc. So it is easy to assign someone else if the previous person is not available anymore. But, there are several questions I see here: It is an edge case? If so, how much effort is allowed to put into it? If it is not an edge case, can we use this task delegation feature in more use cases too? (Because if yes, you can turn this into something totally different at the end.) I think, sharing accounts is not the right solution, but I can understand that it is an edge case right now, because this happens only few times a year. The most future-proof solution would be, if you implement an issue management system very similar to Jira. A simple one is when you add this feature to the profile itself. In the profile settings page, you just create a new option where the user can set its own profile as absent, and when this is active, the user have to select from a dropdown menu another user who will be responsible for the tasks during this period. From a technical perspective, it is just a "redirection of tasks", or a "temporary" change in ownership of tasks. All other personal info, messages will be not affected.

It's mostly useless (unless the app has some feature to download your transactions etc to external storage) but alas you are helpless there not to grant it anyway. The app mostly would force you to grant it neverthless

As far as i know, to all apps from android 6. Otherwise it would be a security issue.

By design*, the application cannot access the external storage if it does not have the READ_EXTERNAL_STORAGE permission granted. Allowlisted means that the permission is granted to the application. Probably medial and aural collection are the defaults medias for ringtones or notifications ( https://developer.android.com/reference/android/provider/MediaStore.Audio.AudioColumns#IS_RINGTONE or https://developer.android.com/reference/android/provider/MediaStore.Audio.AudioColumns#IS_NOTIFICATION ) as no special permission is needed to be accessed. By design*: Supposing that the application does not exploit a vulnerability on the Android system.

If an app has storage permissions or not is totally irrelevant if it can be exploited or not (unless you download a malicious file your self). Attacks on web browsers usually use an exploit chain, a combination of multiple exploits: The first exploit allows you to execute code with permissions of the web browser on Android. Next one exploits a vulnerability of your OS to get full permissions (privilege escalation: leave the restricted app sandbox). If necessary the last exploit then can give you root permissions, giving the attacker full access to everything (if step 2 has not already leveraged permissions to root). For step 1 it is important to use a web browsers that is properly maintained, and updated regularly. But zer0-day exploits are discovered quite a few, e.g. for Chromium based browsers you have usually one zero-day vulnerability per month, often more. Step 2 and 3 require an updated Android OS. As your phone is missing nearly two years of security updates there might be vulnerabilities for exiting the sand box and/or getting root. In a general sense if there is a flaw in the browser runtime such as the javascript engine, or rendering engine and adversary could conceivably cause your browser to execute an https://en.wikipedia.org/wiki/Arbitrary_code_execution as long as the OS allows it.

I asked the creator of the https://github.com/schwabe/ics-openvpn/discussions/1436 app. That app ignores the OpenVPN --user and --group options and it runs as an unpriviledged user which can be confirmed by installing Android Debug Bridge (ADB) on a computer to which the phone is attached via USB cable. Then run commands such as these: # adb shell sunfish:/ $ top | grep openvpn 20901 shell 20 0 10G 2.8M 2.1M S 0.0 0.0 0:00.00 grep openvpn 20901 shell 20 0 10G 2.8M 2.1M S 0.0 0.0 0:00.00 grep openvpn 19186 u0_a253 20 0 14G 96M 49M S 0.6 1.7 0:02.23 de.blinkt.openvpn:openvpn 19186 u0_a253 20 0 14G 96M 49M S 0.3 1.7 0:02.25 de.blinkt.openvpn:openvpn 19186 u0_a253 20 0 14G 96M 49M S 0.6 1.7 0:02.26 de.blinkt.openvpn:openvpn So in my case the client connecting to the OpenVPN server has user id: u0_a253 and not root. Regarding my original question.... my understanding is that u0_a252 is the UID of the Terminal process. Cheers, Flex