Re: postgres not use table access permissions ?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Partyka Robert <bobson(at)saturn(dot)alpha(dot)pl>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: postgres not use table access permissions ?
Date: 2000-11-03 18:22:51
Message-ID: 7449.973275771@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Partyka Robert <bobson(at)saturn(dot)alpha(dot)pl> writes:
> #create user bobson with password '1' nocreatedb nocreateuser;
> CREATE
> #create table a (a int4);
> CREATE
> #revoke all on a from public;
> CHANGE
> and now from user bobson after conecting to test database:
> #insert into a values ('1');
> INSERT 19104 1

> hmmm... looks like bug. Or I miss something?

Oops. Strange though, this looks like it must be a very long-standing
bug: aclinsert3 thinks it can delete any zero-permissions item from an
ACL array, whereas aclcheck has a hard-wired assumption that the world
item is always there. Could we have missed this for this long?

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Partyka Robert 2000-11-03 18:32:55 Re[2]: postgres not use table access permissions ?
Previous Message Bruce Momjian 2000-11-03 18:18:23 Re: Re: [COMMITTERS] pgsql/contrib/pg_dumpaccounts (Makefile README pg_dumpaccounts.sh)