Quick Links

Re: BUG #1114: REVOKE done by non-privileged user claims success

From:	Peter Eisentraut <peter_e(at)gmx(dot)net>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Oliver Elphick" <olly(at)lfix(dot)co(dot)uk>
Cc:	pgsql-bugs(at)postgresql(dot)org
Subject:	Re: BUG #1114: REVOKE done by non-privileged user claims success
Date:	2004-03-25 09:19:38
Message-ID:	200403251019.38407.peter_e@gmx.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

Tom Lane wrote:
> Looking at the code, this seems to be intentional, because the
> privilege check is not made for revokes only for grants:
> Peter, do you remember why you did it that way?

I'm not really sure right now. It doesn't really make sense, does it?
Certainly, the SQL standard requires a privilege check on revoke.

In response to

Re: BUG #1114: REVOKE done by non-privileged user claims success at 2004-03-24 16:14:20 from Tom Lane

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Martin Pitt	2004-03-25 11:25:33	Fwd: Infinite recursion in function causes DoS
Previous Message	wespvp	2004-03-24 23:01:59	Found Solaris sqlca problem, I think...