Skip site navigation (1) Skip section navigation (2)

pgsql: Fix cascading privilege revoke to notice when privileges aresti

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: pgsql-committers(at)postgresql(dot)org
Subject: pgsql: Fix cascading privilege revoke to notice when privileges aresti
Date: 2012-08-23 21:26:40
Message-ID: E1T4evI-0001UY-Oi@gemulon.postgresql.org (view raw or flat)
Thread:
Lists: pgsql-committers
Fix cascading privilege revoke to notice when privileges are still held.

If we revoke a grant option from some role X, but X still holds the option
via another grant, we should not recursively revoke the privilege from
role(s) Y that X had granted it to.  This was supposedly fixed as one
aspect of commit 4b2dafcc0b1a579ef5daaa2728223006d1ff98e9, but I must not
have tested it, because in fact that code never worked: it forgot to shift
the grant-option bits back over when masking the bits being revoked.

Per bug #6728 from Daniel German.  Back-patch to all active branches,
since this has been wrong since 8.0.

Branch
------
REL8_3_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/9969e159ea9bf9083f12f5017071ca00ea1d3fc7

Modified Files
--------------
src/backend/utils/adt/acl.c              |    4 +-
src/test/regress/expected/privileges.out |   46 ++++++++++++++++++++++++++++-
src/test/regress/sql/privileges.sql      |   29 ++++++++++++++++++-
3 files changed, 74 insertions(+), 5 deletions(-)

pgsql-committers by date

Next:From: Tom LaneDate: 2012-08-23 22:07:41
Subject: pgsql: Stamp 9.2rc1.
Previous:From: Heikki LinnakangasDate: 2012-08-23 09:00:12
Subject: pgsql: Fix typo in example.

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group