From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Paul Jungwirth <pj(at)illuminatedcomputing(dot)com>, PGSQL Mailing List <pgsql-general(at)postgresql(dot)org>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: REFERENCES privilege should not be symmetric (was Re: [GENERAL] Postgres Permissions Article) |
Date: | 2017-03-31 17:56:30 |
Message-ID: | CAKFQuwbku5sjGGVRRv0DdZim5PY7DwMS5vuDoxfBLMPDY9kX0Q@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general pgsql-hackers |
On Fri, Mar 31, 2017 at 10:40 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> > On Fri, Mar 31, 2017 at 11:29 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> >> The argument for not back-patching a bug fix usually boils down to
> >> fear of breaking existing applications, but it's hard to see how
> >> removal of a permission check could break a working application ---
> >> especially when the permission check is as hard to trigger as this one.
> >> How many table owners ever revoke their own REFERENCES permission?
>
> > Sure, but that argument cuts both ways. If nobody ever does that, who
> > will be helped by back-patching this?
> > I certainly agree that back-patching this change is pretty low risk.
> > I just don't think it has any real benefits.
>
> I think the benefit is reduction of user confusion. Admittedly, since
> Paul is the first person I can remember ever having complained about it,
> maybe nobody else is confused.
>
After going back-and-forth on this (and not being able to independently
come to the conclusion that what we are adhering to is actually a typo) I'm
going to toss my +1 in with Robert's. If anyone actually complains about
the behavior and not just the documentation we could consider back-patching
if any release before 10.0 is still under support.
There have been non-bug fix improvements to the docs that didn't get
back-patched covering topics more confusing than this. Expecting those
learning the system to consult the most recent version of the docs is
standard fare here. From a practical perspective the revised current docs
will be applicable for past versions as long as one doesn't go a get their
REFERENCES permission revoked somehow. If they do, and wonder why, the
docs and these list will be able to explain it reasonably well.
David J.
From | Date | Subject | |
---|---|---|---|
Next Message | Magnus Hagander | 2017-03-31 17:57:32 | Re: REFERENCES privilege should not be symmetric (was Re: [GENERAL] Postgres Permissions Article) |
Previous Message | Tom Lane | 2017-03-31 17:40:00 | Re: REFERENCES privilege should not be symmetric (was Re: [GENERAL] Postgres Permissions Article) |
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2017-03-31 17:57:03 | Re: WIP: Covering + unique indexes. |
Previous Message | Tom Lane | 2017-03-31 17:50:49 | Re: delta relations in AFTER triggers |