Re: [COMMITTERS] pgsql: Fix permission tests for views/tables proven empty by constraint

On 2013-05-07 21:45:02 -0400, Tom Lane wrote:
> Greg Stark <stark(at)mit(dot)edu> writes:
> > If we just reverted your fix and didn't fix it in 9.2 that would also
> > fix the crash right? The bug was only that it leaked the fact that the
> > view was provably empty from the definition?
>
> Well, it might fail to report a permissions violation when the
> not-allowed-to-be-accessed relation could be proven to yield no rows.
> I agree that it's a bit hard to call that a security issue as long as
> you assume that the attacker has access to the system catalogs; and
> even if you don't assume that, being able to discern that there's a
> check constraint on some table doesn't seem like a big leakage.

Couldn't it also cause tables not to be locked that ought to be? That
seems to be the nastier part to me.

Greetings,

Andres Freund

--
Andres Freund http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services