From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
---|---|
To: | Postgresql Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: reuse sysids security hole? |
Date: | 2003-08-13 11:42:39 |
Message-ID: | 3F3A242F.3030003@dunslane.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Regarding second item, I don't think anyone suggested autodropping
objects, or else I misunderstood. (That would be dangerous, to say the
least, IMHO). There were suggestions of reparenting objects, and warning
of objects losing ownership, although feasibility questions remain.
(I'm still convinced something sensible can be done, though. I did have
an idea of keeping a reference count of owned objects in the shadow
table, but it just seemed too ugly and error prone and not worth it).
So maybe a better generic wording for TODO would be
* Better handling of dropping a user who owns objects.
andrew
Tom Lane wrote:
>Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
>
>
>>Can I have a TODO for this?
>>
>>
>
>* Prevent accidental re-use of sysids for dropped users and groups
>
>The other part of the thread was something like
>
>* Prevent dropping user that still owns objects, or auto-drop the objects
>
>which if successful would eliminate the need to worry about sysid reuse,
>but I really don't see a feasible implementation at the moment.
>
> regards, tom lane
>
>---------------------------(end of broadcast)---------------------------
>TIP 1: subscribe and unsubscribe commands go to majordomo(at)postgresql(dot)org
>
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Bertrand Petit | 2003-08-13 12:56:45 | 7.4 beta 1: SET log_statement=false |
Previous Message | Christopher Kings-Lynne | 2003-08-13 06:11:58 | HISTORY |