Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: exclusion(at)gmail(dot)com, pgsql-bugs(at)lists(dot)postgresql(dot)org
Subject: Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role
Date: 2021-06-17 21:51:18
Message-ID: 1068096.1623966678@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

I wrote:
> So the proximate problem is RemoveRoleFromObjectPolicy's unfounded
> assumption that there are no duplicate OIDs in a pg_policy.polroles
> entry. But that function has got some other serious problems too:

While I'm whining ... that function's permissions checks seem
completely out of line too. How is it that, if I have the right
to drop some role, I lose that right if the role is mentioned in
a policy of some relation I don't own? It feels like this function
was written by copy-and-pasting a whole bunch of irrelevant logic.

regards, tom lane

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message Alexander Korotkov 2021-06-17 21:55:56 Re: BUG #16792: silent corruption of GIN index resulting in SELECTs returning non-matching rows
Previous Message Tom Lane 2021-06-17 21:32:42 Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role