From: | Andrey Borodin <x4mmm(at)yandex-team(dot)ru> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Evgeniy Efimkin <efimkin(at)yandex-team(dot)ru>, Michael Paquier <michael(at)paquier(dot)xyz>, Jeff Davis <pgsql(at)j-davis(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, Дмитрий Сарафанников <dsarafan(at)yandex-team(dot)ru>, Владимир Бородин <root(at)simply(dot)name> |
Subject: | Re: Special role for subscriptions |
Date: | 2019-03-20 15:58:04 |
Message-ID: | 123DA4FA-1359-47DA-AB7C-FBFA5D541259@yandex-team.ru |
Lists: | pgsql-hackers |
> On 20 March 2019 at 21:46, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
>
> On Wed, Mar 20, 2019 at 5:39 AM Evgeniy Efimkin <efimkin(at)yandex-team(dot)ru> wrote:
>> Hi!
>>> Currently, user with pg_subscription_users can create subscription into any system table, can't they?
>>> We certainly need to change it to more secure way.
>> No, you can't add system tables to a publication. In the new patch I add privilege checks on the target table: a non-superuser can't create/refresh a subscription if he doesn't have INSERT, UPDATE, DELETE and TRUNCATE privileges.
>
> ....
>
> I think we should view this permission as "you can create
> subscriptions, plain and simple".
That sounds good.
From my POV, the purpose of the patch is to allow users to transfer their database via logical replication without superuser privileges (e.g. to a managed cloud with vanilla postgres).
But the role effectively allows inserts into any table; this can be escalated to superuser. What is the best way to deal with it?
Best regards, Andrey Borodin.
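As an added illustration of the privilege check Evgeniy describes (not code from the patch or from anyone in this thread), the following SQL shows, from the client side, how a non-superuser can verify it holds exactly the four table privileges the patch requires on each table a subscription would write to, and how a DBA grants those privileges and nothing more. The role name `repl_target` and the table names `public.orders` and `public.customers` are hypothetical.

```sql
-- Added example, not part of the patch. Grant the minimal set of
-- privileges the patch checks for, on only the tables the subscription
-- will write to (role and table names are hypothetical).
GRANT INSERT, UPDATE, DELETE, TRUNCATE ON public.orders    TO repl_target;
GRANT INSERT, UPDATE, DELETE, TRUNCATE ON public.customers TO repl_target;

-- Run as repl_target before CREATE SUBSCRIPTION / ALTER SUBSCRIPTION ... REFRESH:
-- every column must be true for each target table, otherwise the
-- patched server will reject the subscription.
SELECT c.oid::regclass                        AS target_table,
       has_table_privilege(c.oid, 'INSERT')   AS can_insert,
       has_table_privilege(c.oid, 'UPDATE')   AS can_update,
       has_table_privilege(c.oid, 'DELETE')   AS can_delete,
       has_table_privilege(c.oid, 'TRUNCATE') AS can_truncate
FROM pg_class c
WHERE c.oid IN ('public.orders'::regclass, 'public.customers'::regclass);

-- Caveat for the check as described: it runs at create/refresh time.
-- Revoking a privilege later does not by itself stop an already
-- running apply worker, so revocation should be paired with
-- ALTER SUBSCRIPTION ... DISABLE (or DROP SUBSCRIPTION) if the intent
-- is to cut off writes immediately.
REVOKE INSERT, UPDATE, DELETE, TRUNCATE ON public.customers FROM repl_target;
```

The `has_table_privilege` query is the client-side mirror of what the server would enforce; it lets an operator confirm a subscription role has been granted no more than the four privileges the patch demands, which is the least-privilege posture this thread is trying to reach.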