| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Jeff Janes <jeff(dot)janes(at)gmail(dot)com> |
| Cc: | Oleksandr Shulgin <oleksandr(dot)shulgin(at)zalando(dot)de>, Justis Lincoln Mackaoui <jmackaou(at)calpoly(dot)edu>, "pgsql-bugs(at)lists(dot)postgresql(dot)org" <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Clarity Bug for Schema Permissions, Potential Vulnerability? |
| Date: | 2020-05-06 14:05:45 |
| Message-ID: | CAKFQuwbkD5eStnCSsZZiRWZoWBviWG5x-0jz6L-ZmBg2T6tmjw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Wed, May 6, 2020 at 6:38 AM Jeff Janes <jeff(dot)janes(at)gmail(dot)com> wrote:
> I think a more useful change (if any) would be a NOTICE or WARNING when
> granting privs on a object in a schema, to a user who does not already have
> privs on the schema itself.
>
Definitely not a warning but maybe a notice. But if that's the extent of
things I don't really see enough value to warrant having a command
targeting one object go looking around the system for other related state
to comment upon. If one revokes usage on a schema should we inform the
user of any remaining grants on contained objects? I suspect there are
other useful notices to consider beyond those two. It feels like something
better left to a third-party tool rather than something built into core.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2020-05-06 17:02:26 | Re: DROP OWNED CASCADE vs Temp tables |
| Previous Message | Asif Rehman | 2020-05-06 13:49:23 | Re: pg_stat_statements: rows not updated for CREATE TABLE AS SELECT statements |