| From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: why restrict role "public" but not "Public"? |
| Date: | 2010-08-24 23:22:20 |
| Message-ID: | 1282691873-sup-6899@alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Excerpts from Tom Lane's message of mar ago 24 19:04:14 -0400 2010:
> Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> writes:
> > I just noticed that we restrict creation of a role named "public", but
> > this is case-sensitive -- i.e. we don't restrict roles named PUBLIC,
> > etc.
>
> > Is this intended?
>
> Yes. If you had a role named that, you might think that
> GRANT whatever TO PUBLIC
> should refer to that role.
However
GRANT whatever TO "Public"
is allowed? Seems inconsistent. My point is that we allow others, not
that we disallow that one.
The reason I'm asking is that I'm trying to allow "public" to be passed
to has_table_privileges(), and have it check for the PUBLIC pseudo-role.
Originally I had coded it using pg_strcasecmp() on the grounds that any
case should refer to this. However, if "Public" and other combinations
are allowed, only lowercase "public" would work as input for that
function; using any uppercase letter would mean that it'd refer to a
role named like that.
It seems a complicated rule to document. Seems better to just disallow
creating a role "public" regardless of case.
--
Álvaro Herrera <alvherre(at)commandprompt(dot)com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Luxenberg, Scott I. | 2010-08-24 23:25:13 | Performance Farm Release |
| Previous Message | Tom Lane | 2010-08-24 23:04:14 | Re: why restrict role "public" but not "Public"? |