Require ownership permission for CREATE INDEX, per bug report.

Disallow CREATE INDEX on system catalogs, non-tables (views, sequences, etc).
Disallow CREATE/DROP TRIGGER on system catalogs, non-tables.
Disallow ALTER TABLE ADD/DROP CONSTRAINT on system catalogs.
Disallow FOREIGN KEY reference to non-table.
None of these things can actually work in the present system structure,
but the code was letting them pass without complaint.

src/backend/tcop/utility.c

@@ -10,7 +10,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.123 2001/11/20 02:46:13 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.124 2002/01/03 23:21:32 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -532,6 +532,13 @@ ProcessUtility(Node *parsetree,
 
 				set_ps_display(commandTag = "CREATE");
 
+				relname = stmt->relname;
+				if (!allowSystemTableMods && IsSystemRelationName(relname))
+					elog(ERROR, "CREATE INDEX: relation \"%s\" is a system catalog",
+						 relname);
+				if (!pg_ownercheck(GetUserId(), relname, RELNAME))
+					elog(ERROR, "permission denied");
+
 				DefineIndex(stmt->relname,		/* relation name */
 							stmt->idxname,		/* index name */
 							stmt->accessMethod, /* am name */