| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Takahiro Itagaki" <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp> |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #5458: Permission check is skipped by inheritance |
| Date: | 2010-05-11 14:52:01 |
| Message-ID: | 6614.1273589521@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
"Takahiro Itagaki" <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp> writes:
> Even if a non-superuser who has no permissions on
> a parent and a child tables, he can retrieve data
> from the parent when the two tables have inheritance
> relationship.
Hmm, the change to not check child permissions is intentional, but
it looks like Peter overdid it ...
2009-10-23 01:24 petere
* doc/src/sgml/ddl.sgml, src/backend/optimizer/prep/prepunion.c,
src/test/regress/expected/privileges.out,
src/test/regress/sql/privileges.sql: When querying a table with
child tables, do not check permissions on the child tables. This
was found to be useless and confusing in virtually all cases, and
also contrary to the SQL standard.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2010-05-11 17:08:40 | Re: bool: symbol name collision |
| Previous Message | Bruce Momjian | 2010-05-11 12:59:07 | Re: BUG #5457: dblink_connect now restricts non-superusers to password |