Skip site navigation (1) Skip section navigation (2)

Re: Why ACL_EXECUTE is checked on FindConversion()?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Why ACL_EXECUTE is checked on FindConversion()?
Date: 2009-08-19 18:27:53
Message-ID: 26499.1250706473@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> writes:
> When FindConversion() is called, it also checks current user's ACL_EXECUTE
> privilege on the conproc of the fetched conversion.

> Why this check is applied on FindConversion(), instead of FindDefaultConversion()?

Does seem pretty inconsistent, doesn't it?

The original idea may have been to provide a substitute for a USAGE
ACL check on conversions, in which case it's not totally insane: if
you make a conversion default then you're implicitly granting it to
public.  But there's no documentation about this.

Offhand I see no really good reason to have a usage check on
conversions, and would be happy with removing this one.  The function
permission check at CREATE CONVERSION time ought to be sufficient.

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Chander GanesanDate: 2009-08-19 18:39:39
Subject: Re: We should Axe /contrib/start-scripts
Previous:From: Tom LaneDate: 2009-08-19 18:22:39
Subject: Re: Idea about estimating selectivity for single-column expressions

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group