| From: | "bigapple" <bigapple__2002(at)163(dot)com> |
|---|---|
| To: | PGBUGS <pgsql-bugs(at)postgresql(dot)org> |
| Subject: | permission leak |
| Date: | 2003-01-17 05:54:10 |
| Message-ID: | 20030117055208.01D601D2A5F24@sm212.163.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
PGBUGS,
Short Description
Drop user cannot delete the correspoding permission and cannot change the owner of the namespace.
Long Description
When I droped a user, the all permission granted by other user cannot be deleted.
The all SQL statements show as the follow:
test=# CREATE user userb; --user test is a superuser and the database is test.
CREATE USER
test=# GRANT SELECT on b to userb;
GRANT
test=# c test userb
You are now connected to database test as user userb.
test=> SELECT * from b; --the table b is public.b
id
----
(0 rows)
test=> c
You are now connected to database test as user test.
test=# drop user userb;
DROP USER
test=# CREATE user userc;
CREATE USER
test=# c test userc
You are now connected to database test as user userc.
test=> SELECT * from b; --the table b is public.b
a
---
(0 rows)
When I got these message, and checked the system catalog pg_shadow ,
and find the droped userb and new user userc had same usesysid.
And more, Superuser test create a schema for userb, the userc got the schema
for userc has the same usesysid as userb;
I think this is permission leak.
bigapple
2003.1.17.
2003-01-17
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gleb Kouzmenko | 2003-01-17 14:32:32 | inet/cidr indexes almost not used |
| Previous Message | Josh Berkus | 2003-01-16 21:55:26 | WAL Recovery Bug in 7.2.3 |