Re: [BUGS] grant/revoke bug with delete/update

Peter, thanks for your support !

I'm surprised this bug isn't taken seriously by other people.

about the fact that this isn't considered as a bug fix, I disagree
entirely: it's a fix to an important security issue.

It adds nothing. The only thing it changes is "du" instead of "w" in the
acls, so people would have to dump and restore their databases when
upgrading to a fixed version, but that's probably already the case for
upgrading from 6.5x to 7.x (I don't know). Of course I agree that this fix
needs a lot more testing than most bug fixes, and I haven't tested all the
possibilities (particularly with sequences, which I have not tested at
all).

I'm even more surprised this wasn't noticed before, or do all users deal
with databases as superuser ? For those of you who have any doubt, I
suggest you look at a recent thread on BUGTRAQ (find it on
http://www.securityfocus.com) to know what problems this bug can generate
if used by bad people.

I've even received a mail trying to explain me that update and delete are
the same thing because you can update a record you want to delete but have
no right to, to change its data... of course this is possible, but
nevertheless the record isn't deleted, so update and delete really are two
different things, not to mention you may want to give delete permission
but not insert nor update.

As I told previously in private to Bruce, I won't be able to make this
patch for 7.0 until a week or two, so if someone do it before (please do,
because you better know postgresql code than me, so you'll make less
mistakes), just tell me because I don't really want to duplicate the
effort.

bye,

PS: could someone explain me what "tricky" means ?

Jerome ALET - alet(at)unice(dot)fr - http://cortex.unice.fr/~jerome
Faculte de Medecine de Nice - http://noe.unice.fr - Tel: 04 93 37 76 30
28 Avenue de Valombrose - 06107 NICE Cedex 2 - FRANCE

On Sat, 4 Mar 2000, Peter Eisentraut wrote:

> Bruce Momjian writes:
>
> > Looks very nice, but we can't apply it during beta. Only bug fixes, and
> > this looks a little tricky. We can try it for 7.1. Maybe you can get
> > us a 7.0 based patch.
>
> It was me that encouraged him to send in this patch now because Karel and
> I are currently talking about redoing the ACL stuff for 7.1.
>
> I considered this a bug and the fix looks pretty straightforward. Perhaps
> it should go into 7.0.1?
>
> --
> Peter Eisentraut Sernanders vg 10:115
> peter_e(at)gmx(dot)net 75262 Uppsala
> http://yi.org/peter-e/ Sweden
>