| From: | Merlin Moncure <mmoncure(at)gmail(dot)com> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: patch for type privileges |
| Date: | 2011-11-28 20:25:05 |
| Message-ID: | CAHyXU0w_mYmBx+AVXM7fxGXn_HLpdCOeZedDJ8AwZg0x4ZFTnA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Nov 15, 2011 at 2:23 PM, Peter Eisentraut <peter_e(at)gmx(dot)net> wrote:
> The basics here are mainly informed by the SQL standard. One thing from
> there I did not implement is checking for permission of a type used in
> CAST (foo AS type). This would be doable but relatively complicated,
> and in practice someone how is not supposed to be able to use the type
> wouldn't be able to create the cast or the underlying cast function
> anyway for lack of access to the type.
I'm not quite following that: with your patch are you or are you not
prohibited from utilizing casts? In other words, if you didn't have
USAGE priv, what would happen if you tried this:
CREATE VIEW v AS SELECT null::restricted_type::text; ?
merlin
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dimitri Fontaine | 2011-11-28 20:28:04 | Re: Prep object creation hooks, and related sepgsql updates |
| Previous Message | Gurjeet Singh | 2011-11-28 19:55:28 | Re: Avoiding repeated snapshot computation |