Excerpts from Tom Lane's message of mar ago 24 19:04:14 -0400 2010:
> Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> writes:
> > I just noticed that we restrict creation of a role named "public", but
> > this is case-sensitive -- i.e. we don't restrict roles named PUBLIC,
> > etc.
> > Is this intended?
> Yes. If you had a role named that, you might think that
> GRANT whatever TO PUBLIC
> should refer to that role.
GRANT whatever TO "Public"
is allowed? Seems inconsistent. My point is that we allow others, not
that we disallow that one.
The reason I'm asking is that I'm trying to allow "public" to be passed
to has_table_privileges(), and have it check for the PUBLIC pseudo-role.
Originally I had coded it using pg_strcasecmp() on the grounds that any
case should refer to this. However, if "Public" and other combinations
are allowed, only lowercase "public" would work as input for that
function; using any uppercase letter would mean that it'd refer to a
role named like that.
It seems a complicated rule to document. Seems better to just disallow
creating a role "public" regardless of case.
Álvaro Herrera <alvherre(at)commandprompt(dot)com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
In response to
pgsql-hackers by date
|Next:||From: Luxenberg, Scott I.||Date: 2010-08-24 23:25:13|
|Subject: Performance Farm Release|
|Previous:||From: Tom Lane||Date: 2010-08-24 23:04:14|
|Subject: Re: why restrict role "public" but not "Public"? |