| From: | Joe Conway <mail(at)joeconway(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Andres Freund <andres(at)anarazel(dot)de>, justin(dot)catterson(at)sofiebio(dot)com, pgsql-hackers(at)postgreSQL(dot)org |
| Subject: | Re: [BUGS] BUG #13694: Row Level Security by-passed with CREATEUSER permission |
| Date: | 2015-10-21 20:06:11 |
| Message-ID: | 5627F033.5030402@joeconway.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs pgsql-hackers |
On 10/21/2015 12:46 PM, Tom Lane wrote:
> Attached patch rips out CREATEUSER and NOCREATEUSER options lock, stock,
> and barrel.
Looks good to me.
> Another possibility is to change them to actually mean CREATEROLE and
> NOCREATEROLE. I think probably a clean break is better though.
I think that would be too confusing. I'd rather see them go away ala
your patch.
Joe
--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development
| From | Date | Subject | |
|---|---|---|---|
| Next Message | santiagocfc | 2015-10-21 20:46:11 | BUG #13695: Problema de autenticación |
| Previous Message | Tom Lane | 2015-10-21 19:46:41 | Re: [BUGS] BUG #13694: Row Level Security by-passed with CREATEUSER permission |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2015-10-21 20:14:30 | Re: Freezing without cleanup lock |
| Previous Message | Euler Taveira | 2015-10-21 19:56:02 | Re: Duplicated assignment of slot_name in walsender.c |