> > > Well, if I issue a "REVOKE" and the rights are not revoked and could never
> > > have been because I have no right to issue such statement on the object, I
> > > tend to call this deep absence of success a "failure".
> > > If I do the very opposite GRANT, I have a clear "permission denied".
> > Oh, I thought you were complaining that revoking rights not previously
> > granted should be an error. I agree with the above; in fact it's a
> > duplicate of a previous complaint.
> Did we resolve this? Is it a TODO?
There has been a lot of off-line discussion about how to interpret the
standard on this point. I'm not even sure we perfectly agreed in the end,
although our understanding of the issues improved a lot through the
discussion. As a summary, it is pretty subtle, especially as the standard
wording is contrived, and postgres does not do what should be done in a
lot of cases. There are also actual "security" bugs.
For the TODO, I would suggest something general:
- fix grant/revoke wrt SQL standard, validate errors, warnings and successes.
Fabien Coelho - coelho(at)cri(dot)ensmp(dot)fr
In response to
pgsql-bugs by date
|Next:||From: Federico Di Gregorio||Date: 2004-05-18 08:32:36|
|Subject: soname of libpq|
|Previous:||From: Bruce Momjian||Date: 2004-05-17 19:18:13|
|Subject: Re: BUG #1145: silent REVOKE failures|