Skip site navigation (1) Skip section navigation (2)

Permissions not working?

From: darcy(at)druid(dot)net (D'Arcy J(dot)M(dot) Cain)
To: pgsql-hackers(at)PostgreSQL(dot)org
Subject: Permissions not working?
Date: 1998-10-10 15:58:37
Message-ID: m0zS1Ph-0000f4C@druid.net (view raw or flat)
Thread:
Lists: pgsql-hackers
Something seems to be wrong here unless I am doing something wrong that
I can't see.  Here is a dump of one session.

vex=> select version();
version                                                                  
-------------------------------------------------------------------------
PostgreSQL 6.3.2 on i386-unknown-netbsd1.3B, compiled by gcc 2.7.2.2+myc1
(1 row)

vex=> SELECT relname, relacl FROM pg_class, pg_user
vex->   WHERE ( relkind = 'r' OR relkind = 'i' OR relkind = 'S') AND
vex->     relname = 'client' AND
vex->     usesysid = relowner
vex->   ORDER BY relname;
relname|relacl        
-------+--------------
client |{"=","root=r"}
(1 row)

vex=> select user;
getpgusername
-------------
carol        
(1 row)

vex=> select * from client;
ERROR:  client: Permission denied.

Exactly what I expected.  Now, here is another.

trends=> select version();
version                                                                   
--------------------------------------------------------------------------
PostgreSQL 6.4.0 on i386-unknown-netbsd1.3.2, compiled by gcc 2.7.2.2+myc1
(1 row)

trends=> SELECT relname, relacl FROM pg_class, pg_user
trends->   WHERE ( relkind = 'r' OR relkind = 'i' OR relkind = 'S') AND
trends->     relname = 'client' AND
trends->     usesysid = relowner
trends->    ORDER BY relname;
relname|relacl         
-------+---------------
client |{"=","db=arwR"}
(1 row)

trends=> select user;
getpgusername
-------------
darcy        
(1 row)

trends=> select * from client;
[Rows returned as if I had permissions]

Am I missing something or did table permission protections get lost on
the way to 6.4?

-- 
D'Arcy J.M. Cain <darcy(at){druid|vex}.net>   |  Democracy is three wolves
http://www.druid.net/darcy/                |  and a sheep voting on
+1 416 424 2871     (DoD#0082)    (eNTP)   |  what's for dinner.

Responses

pgsql-hackers by date

Next:From: D'Arcy J.M. CainDate: 1998-10-10 16:32:13
Subject: Re: [HACKERS] Re: hackers-digest V1 #1013
Previous:From: Tom LaneDate: 1998-10-10 15:41:54
Subject: Re: [HACKERS] Re: hackers-digest V1 #1013

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group