From: | Josh Berkus <josh(at)agliodbs(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Marko Kreen <markokr(at)gmail(dot)com>, Bruno Wolff III <bruno(at)wolff(dot)to>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org> |
Subject: | Re: [HACKERS] Inconsistent syntax in GRANT |
Date: | 2006-01-06 23:21:25 |
Message-ID: | 200601061521.25638.josh@agliodbs.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-patches |
Tom,
> BTW, what about lastval()? I'm not sure we can usefully associate any
> privilege check with that, since it's not clear which sequence it
> applies to. Does it make sense to remember what sequence the value came
> from and privilege-check against that, or is that just too weird?
Hmmm. Yet another problem with lastval(). Darn those MySQL migrators!
I'd say that lastval() needs to be defined as the superuser with "security
definer". Hmmm, although does that carry over to sequences the superuser
doesn't own? How are we handling it now?
Overal, it's hard to get too concerned about this, since a user can't
really get anything out of lastval() if he doesn't have permissions on the
sequence he's trying to query, in order to run currval.
--
--Josh
Josh Berkus
Aglio Database Solutions
San Francisco
From | Date | Subject | |
---|---|---|---|
Next Message | Josh Berkus | 2006-01-06 23:26:14 | Re: Improving N-Distinct estimation by ANALYZE |
Previous Message | Tom Lane | 2006-01-06 23:04:35 | Re: [HACKERS] Inconsistent syntax in GRANT |
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2006-01-06 23:36:43 | Re: [HACKERS] Inconsistent syntax in GRANT |
Previous Message | Tom Lane | 2006-01-06 23:04:35 | Re: [HACKERS] Inconsistent syntax in GRANT |