Skip site navigation (1) Skip section navigation (2)

Re: BUG #1145: silent REVOKE failures

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Fabien COELHO <coelho(at)cri(dot)ensmp(dot)fr>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-bugs(at)postgresql(dot)org,Peter Eisentraut <peter_e(at)gmx(dot)net>
Subject: Re: BUG #1145: silent REVOKE failures
Date: 2004-06-09 15:00:08
Message-ID: 200406091500.i59F08105689@candle.pha.pa.us (view raw or flat)
Thread:
Lists: pgsql-bugs
Fabien COELHO wrote:
> 
> Dear Bruce,
> 
> > > > Well, if I issue a "REVOKE" and the rights are not revoked and could never
> > > > have been because I have no right to issue such statement on the object, I
> > > > tend to call this deep absence of success a "failure".
> > >
> > > > If I do the very opposite GRANT, I have a clear "permission denied".
> > >
> > > Oh, I thought you were complaining that revoking rights not previously
> > > granted should be an error.  I agree with the above; in fact it's a
> > > duplicate of a previous complaint.
> >
> > Did we resolve this?  Is it a TODO?
> 
> No? No?
> 
> There has been a lot of off-line discussion about how to interpret the
> standard on this point. I'm not even sure we perfectly agreed in the end,
> although our understanding of the issues improved a lot through the
> discussion. As a summary, it is pretty subtle, especially as the standard
> wording is contrived, and postgres does not do what should be done in a
> lot of cases. There are also actual "security" bugs.
> 
> For the TODO, I would suggest something general:
> 
> - fix grant/revoke wrt SQL standard, validate errors, warnings and successes.

Tom, is this done?

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

In response to

Responses

pgsql-bugs by date

Next:From: Tom LaneDate: 2004-06-09 15:25:40
Subject: Re: BUG #1145: silent REVOKE failures
Previous:From: Fabien COELHODate: 2004-06-09 14:04:22
Subject: Re: BUG #1161: User permissions are kept, even if user is

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group