| From: | Thomas Lockhart <lockhart(at)fourpalms(dot)org> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | parkerm(at)hst(dot)stoneridge(dot)com, pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: Bug #746: Drop user damages security on tables |
| Date: | 2002-08-27 00:58:09 |
| Message-ID: | 3D6ACEA1.182B2AC1@fourpalms.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
> > A user was setup and had GRANT permissions on individual tables in a database. After the user was dropped, using the /z from psql command line showed the user ID still existing in the individual table permissions. After the drop, several other users then were unable to execute SELECT or INSERT on this table. These users would get a -601 error when trying to do a SELECT or INSERT. Also, trying to REVOKE permissions on the user ID that belonged to the dropped user resulted in a parse error.
> What is a "-601 error"? There's surely no such message in Postgres.
There surely is in ecpg:
ecpgerrno.h:#define ECPG_WARNING_QUERY_IGNORED -601
These error codes are typically chosen to conform to SQL9x or to
Oracle's conventions, though I haven't looked into this one in a
while...
- Thomas
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Casey Allen Shobe | 2002-08-27 03:32:49 | MD5 Password Storage and SSL TCP don't work together |
| Previous Message | Tom Lane | 2002-08-27 00:37:42 | Re: Bug #693: python interface doesn't handle int8 correctly. |