Skip site navigation (1) Skip section navigation (2)

Possible bug with permissions. (Table A has select , insert, update rights but has a reference to a second table that only has select rights)

From: "Wendel Leibe" <wleibe(at)teamdev(dot)com>
To: <pgsql-bugs(at)postgresql(dot)org>
Subject: Possible bug with permissions. (Table A has select , insert, update rights but has a reference to a second table that only has select rights)
Date: 2000-10-06 18:31:21
Message-ID: 003101c02fc3$a00feba0$9901a8c0@wendel (view raw or flat)
Thread:
Lists: pgsql-bugs
I think I have found a bug with Postgres' permissions.  I have combed
through the documentation, but I haven't been able to find an explanation
for the following problem.

First of all here is what I am running.
Postgress version 7.0.2 ,
OS  Linux Red Hat 6.2
Kernel version 2.2.17


I have the following SQL statements to create three tables in a database
that I have previously created.


INSERT INTO pg_group (groname, grosysid, grolist) values
('confUser',100,'{}');

ALTER GROUP "confUser" Add User "conf-user";

CREATE TABLE Object_Type (			# Create the Object_Type table.
	Primary_Key serial ,
	PRIMARY KEY (Primary_Key),
	Name char (20) NOT NULL
)
;

GRANT select ON Object_Type TO GROUP "confUser";

CREATE TABLE Objects (
	Primary_Key serial,
	PRIMARY KEY (Primary_Key),
	Object_Type_Index int,
	FOREIGN KEY (Object_Type_Index) REFERENCES Object_Type
	  ON DELETE CASCADE,
	Object_Instance int ,
	Name char (50) NOT NULL,
	Tag char (50),
    UNIQUE (Name,Object_Type_Index)
)
;

GRANT select ON Objects TO GROUP "confUser";

CREATE TABLE Contact (
	Primary_Key serial ,
	PRIMARY KEY (Primary_Key),
	User_Index int,
	Greeting_Index int REFERENCES Objects,
	First_Name char (12)  ,
	Last_Name char (12)  ,
	Company_Name char (30)  ,
	Title char (30)  ,
	Company_Type int REFERENCES Objects,
	Assistant_Name char (30)  ,
	On_Comments varchar (512)  ,
	Off_Comments varchar (512)  ,
	Not_Current CHAR DEFAULT 0 NOT NULL
)
;

GRANT select, insert, update ON Contact TO GROUP "confUser";


Here is the problem.  If I try to insert a contact record as, "confUser."
"psql" and my DBI driver for perl fails with a permission error on objects.
If I give confUser permissions to write to the objects table the statement
will execute.

Here is a copy of the statement while logged on as conf-user and without
write privleges on objects,"

idg-wendel=> insert into contact (user_index, greeting_index, first_name,
last_
name, company_name, title, company_type) values (1, 3, 'Wendel', 'Leibe',
'Team
', 'Software Engineer', 3);
ERROR:  objects: Permission denied.
idg-wendel=>


BTW the objects table has more than 250 entries inside of it.  In other
words, I am giving a valid primary_key for the references in the contact
table in both cases so I don't know why it is failing.

Is this a known bug or am I doing something wrong?

Thanks,
Wendel Leibe

Software Engineer
Austin, Texas



Responses

pgsql-bugs by date

Next:From: Vilson fariasDate: 2000-10-06 20:29:04
Subject: Referencial integrity when there are timestamp primary keys
Previous:From: Vince VielhaberDate: 2000-10-06 16:03:07
Subject: Re: email addresses at http://www.postgresql.org/bugs/index.php

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group