Re: lastval exposes information that currval does not

From: Phil Frost <indigo(at)bitglue(dot)com>
To: pgsql-hackers(at)postgresql(dot)org
Subject: Re: lastval exposes information that currval does not
Date: 2006-07-10 17:42:27
Message-ID: 20060710174227.GA5984@unununium.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Mon, Jul 10, 2006 at 12:49:54PM -0400, Bruce Momjian wrote:
>
> Docs updated:
>
> <para>
> For schemas, allows the grantee to find objects contained in the
> specified schema (assuming that the objects' own privilege requirements
> are also met).
> </para>

I think that misses the point. One can easily find objects in a schema
without usage by examining the system catalogs. The point is that there
are ways to access objects without going through the schema usage check,
and also that the check is made only once at the time a name is resolved
to an oid, which may then be cached in a prepared statement, stored
procedure, lastval, or the like. I would suggest something more like
this:

For schemas, allows the grantee to reference objects within the
specified schema by name. Note that any method of accessing an
object that does not involve naming will not check for this
privilege. For example, any function taking an OID parameter or
lastval(). Also, the check for this privilege will be made only once
when a query is planned, so stored plans such as from prepared
statements or stored procedures will not make the check again when
subsequently executed.

In applications where security is very important, it may be wise to
assure that no users have undesired privileges on objects within a
schema, and not to rely solely on the schema usage privilege.

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Martijn van Oosterhout 2006-07-10 18:24:08 Re: lastval exposes information that currval does not
Previous Message Bruce Momjian 2006-07-10 17:41:31 Re: Removing AddDepends; should I bother with a project?