drop user bug ?

Hi,

I suppose the following is a bug, but it's not a coding one, just a
bug in the way postgresql works, or maybe it's only a feature I don't
understand (if that's the case I sincerely apologize) :

I use postgresql 6.5.3 under Linux 2.0.35 + libc 5.3.12, but I suppose
this doesn't matter:

vroum=> CREATE USER john;
CREATE USER
vroum=> GRANT SELECT,UPDATE ON couleur TO john;
CHANGE
vroum=> \z
Database = vroum
+------------------+------------------------------+
| Relation | Grant/Revoke Permissions |
+------------------+------------------------------+
| couleur | {"=","uvroum=arwR","john=rw"} |

vroum=> DROP USER john;
DROP USER
vroum=> \z
Database = vroum
+------------------+------------------------------+
| Relation | Grant/Revoke Permissions |
+------------------+------------------------------+
| couleur | {"=","uvroum=arwR","2001=rw"} |

the grant revoke permissions weren't updated !

So I try to update them manually:

vroum=> REVOKE ALL ON couleur FROM "2001";
ERROR: aclparse: non-existent user "2001"
vroum=> REVOKE ALL ON couleur FROM 2001;
ERROR: parser: parse error at or near "2001"
vroum=>

this seems impossible without manually updating some system tables, which
I haven't tried.

IMHO the DROP USER should have updated all Grant/Revoke permissions.

another bug IMHO is that if I do this (CREATE USER, GRANT, DROP USER) 2
times with 2 different user names, then the same userid (2001) is used.

I think the userid shouldn't be reused, especially because of the above
mentionned problem which could very well cause security problems (not
tested).

Jerome ALET - alet(at)unice(dot)fr - http://cortex.unice.fr/~jerome
Faculte de Medecine de Nice - http://noe.unice.fr - Tel: 04 93 37 76 30
28 Avenue de Valombrose - 06107 NICE Cedex 2 - FRANCE