Skip site navigation (1) Skip section navigation (2)

Re: why restrict role "public" but not "Public"?

From: Alvaro Herrera <alvherre(at)commandprompt(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: why restrict role "public" but not "Public"?
Date: 2010-08-24 23:22:20
Message-ID: 1282691873-sup-6899@alvh.no-ip.org (view raw or flat)
Thread:
Lists: pgsql-hackers
Excerpts from Tom Lane's message of mar ago 24 19:04:14 -0400 2010:
> Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> writes:
> > I just noticed that we restrict creation of a role named "public", but
> > this is case-sensitive -- i.e. we don't restrict roles named PUBLIC,
> > etc.
> 
> > Is this intended?
> 
> Yes.  If you had a role named that, you might think that
>     GRANT whatever TO PUBLIC
> should refer to that role.

However
	GRANT whatever TO "Public"
is allowed?  Seems inconsistent.  My point is that we allow others, not
that we disallow that one.

The reason I'm asking is that I'm trying to allow "public" to be passed
to has_table_privileges(), and have it check for the PUBLIC pseudo-role.
Originally I had coded it using pg_strcasecmp() on the grounds that any
case should refer to this.  However, if "Public" and other combinations
are allowed, only lowercase "public" would work as input for that
function; using any uppercase letter would mean that it'd refer to a
role named like that.

It seems a complicated rule to document.  Seems better to just disallow
creating a role "public" regardless of case.

-- 
Álvaro Herrera <alvherre(at)commandprompt(dot)com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

In response to

Responses

pgsql-hackers by date

Next:From: Luxenberg, Scott I.Date: 2010-08-24 23:25:13
Subject: Performance Farm Release
Previous:From: Tom LaneDate: 2010-08-24 23:04:14
Subject: Re: why restrict role "public" but not "Public"?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group