Quick Links

[pgAdmin III] #88: Function's access control list ambiguity

From:	"pgAdmin Trac" <trac(at)code(dot)pgadmin(dot)org>
To:
Cc:	pgadmin-hackers(at)postgresql(dot)org
Subject:	[pgAdmin III] #88: Function's access control list ambiguity
Date:	2009-10-13 20:40:03
Message-ID:	056.d22ab79abcc107eae89c7ff166c19029@code.pgadmin.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgadmin-hackers

#88: Function's access control list ambiguity
-----------------------------+----------------------------------------------
Reporter: Dmitry Samokhin | Owner: dpage
Type: bug | Status: new
Priority: minor | Milestone:
Component: pgadmin | Version: 1.10
Keywords: function | Platform:
-----------------------------+----------------------------------------------
When a new function is created, the initial default EXECUTE privilege is
granted to PUBLIC (this is described is the documentation), and pgAdmin
generates the followng script:

CREATE OR REPLACE FUNCTION ... ;
ALTER FUNCTION ... OWNER TO ...;

The function's ACL is dispayed in the 'ACL' field in the object properties
upper-right pane and in this case it is null. (As far as I can guess the
contents are just read from the 'proacl' field of the 'pg_proc' system
catalog table.)
If then to revoke all privileges both from PUBLIC and the owner, this
function would be accessible only to a superuser, and its ACL property is
'{}' (empty). Empty and null values are different, and this behavior is by
design. But the script generated in the SQL pane remains the same.

In any case there should be no problem for a pgAdmin user to determine the
effective ACL of a function by examining its ACL in the property list. But
let's observe the problem from the top point of view. Deciding to take
advantage of using a DDL script carefully prepared by pgAdmin, one might
expect that creating an object in another schema/database from the scratch
executing this script he gets the exact copy of the object including the
correct ACL.

To implement this in case of empty, but not null, ACL of functions (and
other database objects granting default access to PUBLIC), the
reverse-engineering procedure of pgAdmin might be modified for the script
to
look like:

CREATE OR REPLACE FUNCTION ... ;
ALTER FUNCTION ... OWNER TO <owner>;
REVOKE ALL ON FUNCTION ... FROM public;
REVOKE ALL ON FUNCTION ... FROM <owner>;

--
Ticket URL: <http://code.pgadmin.org/trac/ticket/88>
pgAdmin III <http://code.pgadmin.org/trac/>
pgAdmin III

Responses

Re: [pgAdmin III] #88: Function's access control list ambiguity at 2009-10-13 20:40:36 from pgAdmin Trac
Re: [pgAdmin III] #88: Function's access control list ambiguity at 2012-02-27 22:50:17 from pgAdmin Trac
Re: [pgAdmin III] #88: Function's access control list ambiguity at 2012-03-24 00:33:21 from pgAdmin Trac
Re: [pgAdmin III] #88: Function's access control list ambiguity at 2013-04-22 10:34:48 from pgAdmin Trac

Browse pgadmin-hackers by date

	From	Date	Subject
Next Message	pgAdmin Trac	2009-10-13 20:40:36	Re: [pgAdmin III] #88: Function's access control list ambiguity
Previous Message	svn	2009-10-13 10:26:07	SVN Commit by dpage: r8070 - in branches/REL-1_10_0_PATCHES/pgadmin3: . pgadmin/schema