Skip site navigation (1) Skip section navigation (2)

BUG #6422: User without any priviledges on a table can lock the tablefrom other users in some cases

From: maxim(dot)boguk(at)gmail(dot)com
To: pgsql-bugs(at)postgresql(dot)org
Subject: BUG #6422: User without any priviledges on a table can lock the tablefrom other users in some cases
Date: 2012-01-31 03:41:19
Message-ID: E1Rs4at-0004v5-KS@wrigleys.postgresql.org (view raw or flat)
Thread:
Lists: pgsql-bugs
The following bug has been logged on the website:

Bug reference:      6422
Logged by:          Maxim Boguk
Email address:      maxim(dot)boguk(at)gmail(dot)com
PostgreSQL version: 9.1.2
Operating system:   Linux
Description:        

Hi.

Unfortunately I was hit by that problem in the real project.

During active pg_dump (or any long transaction keeping lock on table), any
users with access to database can lock table from access, even if that user
have absolutely no rights on that table.

Test scenario:

1)CREATE ROLE dummy with login password 'something';

2)start pg_dump on database or any long transactions involving table news


3)now:
psql -U dummy -d testdb

=> SELECT * from news;
ERROR:  permission denied for relation news

That perfectly ok...

sports=> begin;
BEGIN
sports=> lock table news;
oops... table locked from everyone access untill canceled or pg_dump
finished 

(and in realily - large web site down for 3 minute until my intervention).


The same can be done with any
alter table news ... ; statement.

Again I not sure is it an actual bug or feature. Seems Postgres trying to
put a lock on the table before check grants.

May be it's possible to check grants before set any heavy lock on the
table?

That behavior could be very troublesome in multi-user database environment.





pgsql-bugs by date

Next:From: Bridget FreyDate: 2012-01-31 04:07:10
Subject: Re: BUG #6200: standby bad memory allocations on SELECT
Previous:From: Tom LaneDate: 2012-01-31 03:00:36
Subject: Re: BUG #6200: standby bad memory allocations on SELECT

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group