Re: BUG #5458: Permission check is skipped by inheritance

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Takahiro Itagaki" <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>
Cc: pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #5458: Permission check is skipped by inheritance
Date: 2010-05-11 14:52:01
Message-ID: 6614.1273589521@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

"Takahiro Itagaki" <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp> writes:
> Even if a non-superuser who has no permissions on
> a parent and a child tables, he can retrieve data
> from the parent when the two tables have inheritance
> relationship.

Hmm, the change to not check child permissions is intentional, but
it looks like Peter overdid it ...

2009-10-23 01:24 petere

* doc/src/sgml/ddl.sgml, src/backend/optimizer/prep/prepunion.c,
src/test/regress/expected/privileges.out,
src/test/regress/sql/privileges.sql: When querying a table with
child tables, do not check permissions on the child tables. This
was found to be useless and confusing in virtually all cases, and
also contrary to the SQL standard.

regards, tom lane

In response to

Browse pgsql-bugs by date

  From Date Subject
Next Message Peter Eisentraut 2010-05-11 17:08:40 Re: bool: symbol name collision
Previous Message Bruce Momjian 2010-05-11 12:59:07 Re: BUG #5457: dblink_connect now restricts non-superusers to password