From: | Fabien COELHO <coelho(at)cri(dot)ensmp(dot)fr> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | pgsql-bugs(at)postgresql(dot)org, Peter Eisentraut <peter_e(at)gmx(dot)net> |
Subject: | Re: BUG #1150: grant options not properly checked |
Date: | 2004-05-11 15:51:10 |
Message-ID: | Pine.LNX.4.58.0405111658360.21629@sablons.cri.ensmp.fr |
Lists: | pgsql-bugs |
Dear Tom,

> ...
> Note that says WARNING, not ERROR. So I guess what we need to do is
> narrow the privilege set and issue a warning message.

Yep.

> I think this also bears on the question that was raised before about
> whether REVOKE should raise an error if you don't have the right to
> revoke the privileges you're listing. We don't, and based on this
> I think we shouldn't --- but maybe we should issue a warning.

There are two close but different issues.

(1) REVOKE ALL ON SCHEMA foo FROM calvin;

I agree with you that it looks like it is allowed, as narrow would mean empty.
I really think a warning is desirable in such a case...

(2) REVOKE USAGE ON SCHEMA foo FROM calvin;

Where USAGE (or any specific right) is not grantable by the issuer.

While browsing the Access Rules of <revoke statement>... it is unclear.
I guess maybe a "grantable" word is missing in my version of the standard,
because otherwise I cannot really extract a semantics from access rule 1
case a in 12.7. Case b is much more explicit in my version for <revoke
role statement>, you need a "WITH ADMIN OPTION".

If my guess is correct and an access rule is violated, then this
case should result in an error.

--
Fabien Coelho - coelho(at)cri(dot)ensmp(dot)fr