| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Owner's grant options not visible |
| Date: | 2007-08-23 14:15:20 |
| Message-ID: | 1103.1187878520@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> Between 7.4 and 8.0, the owner's grant options were removed from the
> aclitem display.
Yeah, that was intentional, because the way we were doing it was wrong
and caused behavioral bugs. The owner's grant options have to be
treated as being granted to him by "the system", ie some external force.
IIRC the spec suggests actually having a reserved role _SYSTEM and
treating the owner's options as being granted to him by _SYSTEM,
but IMHO that just leads to circularity: where did _SYSTEM get the
rights from? The way we do it now is just to make aclcheck() and
friends assume that the owner always has grant options, regardless of
whether they're explicitly mentioned in an ACL list.
> The information schema shows obviously inaccurate data now,
The correct fix is probably to insert an equivalent assumption into the
information_schema code. Not sure of the cleanest way to do that.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2007-08-23 14:29:30 | Re: [COMMITTERS] pgsql: Add configure option --with-system-tzdata to use operating system |
| Previous Message | Albe Laurenz | 2007-08-23 13:46:07 | Undetected corruption of table files |