Re: Removing pg_auth_members.grantor (was Grantor name gets lost when grantor role dropped)

From: Alvaro Herrera <alvherre(at)commandprompt(dot)com>
To: Russell Smith <mr-russ(at)pws(dot)com(dot)au>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jeff Davis <pgsql(at)j-davis(dot)com>, pgsql-bugs(at)postgresql(dot)org, Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Removing pg_auth_members.grantor (was Grantor name gets lost when grantor role dropped)
Date: 2007-05-15 13:34:29
Message-ID: 20070515133429.GC6298@alvh.no-ip.org
Lists: pgsql-bugs pgsql-hackers

Russell Smith wrote:
> Alvaro Herrera wrote:
> >Alvaro Herrera wrote:
> >
> >
> >>2. decide that the standard is braindead and just omit dumping the
> >> grantor when it's no longer available, but don't remove
> >> pg_auth_members.grantor
> >>
> >>Which do people feel should be implemented? I can do whatever we
> >>decide; if no one has a strong opinion on the matter, my opinion is we
> >>do (2) which is the easiest.
> >
> >Here is a patch implementing this idea, vaguely based on Russell's.
>
> I haven't had time to finalize my research about this, but the admin
> option with revoke doesn't appear to work as expected.
>
> Here is my sample SQL for 8.2.4
>
> create table test (x integer);
> \z
> create role test1 noinherit;
> create role test2 noinherit;
> grant select on test to test1 with grant option;
> grant select on test to test2;
> \z test
> set role test1;
> revoke select on test from test2;
> \z test
> set role test2;
> select * from test;
> reset role;
> revoke all on test from test2;
> revoke all on test from test1;
> drop role test2;
> drop role test1;
> drop table test;
> \q
>
>
> The privilege doesn't appear to be revoked by test1 from test2. I'm not
> sure if this is related, but I wanted to bring it up in light of the
> options we have for grantor.

Humm, but the privilege was not granted by test1, but by the user you
were using initially. The docs state in a note that

    A user can only revoke privileges that were granted directly by
    that user.

I understand that this would apply to the grantor stuff being discussed
in this thread as well, but I haven't seen anyone arguing that we should
implement that for GRANT ROLE (and I asked three times if people felt it
was important and nobody answered).

--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
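
The grantor rule quoted from the docs, worked through on the same table and role names as the script in the quoted message. This is an added example, not part of the original message; it assumes the session starts as a superuser that owns the table, and it reads the ACL from pg_class.relacl instead of using \z.

```sql
-- Added example: constructed script reusing the names from the quoted test.
-- Assumption: the session user is a superuser and owns table "test".
CREATE TABLE test (x integer);
CREATE ROLE test1 NOINHERIT;
CREATE ROLE test2 NOINHERIT;

-- The owner grants to both roles; the owner is recorded as grantor of each entry.
GRANT SELECT ON test TO test1 WITH GRANT OPTION;
GRANT SELECT ON test TO test2;

-- test1 uses its grant option. This adds a second, separate entry for test2
-- whose grantor is test1.
SET ROLE test1;
GRANT SELECT ON test TO test2;
RESET ROLE;

-- Each ACL entry has the form grantee=privileges/grantor.
SELECT relacl FROM pg_class WHERE relname = 'test';

-- test1 revokes: only the entry that test1 itself granted is removed.
SET ROLE test1;
REVOKE SELECT ON test FROM test2;
RESET ROLE;
SELECT relacl FROM pg_class WHERE relname = 'test';

-- test2 can still read the table through the entry granted by the owner.
SET ROLE test2;
SELECT * FROM test;
RESET ROLE;

-- Removing that access takes a REVOKE issued by the grantor of the remaining entry.
REVOKE SELECT ON test FROM test2;
SELECT relacl FROM pg_class WHERE relname = 'test';

-- Cleanup
REVOKE ALL ON test FROM test1;
DROP ROLE test2;
DROP ROLE test1;
DROP TABLE test;
```

When checking who can still reach an object after a REVOKE, compare the entries per grantor, not just per grantee.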
