From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
Cc: | loren(at)paradigm(dot)xyz, pgsql-bugs(at)lists(dot)postgresql(dot)org |
Subject: | Re: BUG #17626: Permission denied errors should list role as well as user |
Date: | 2022-10-03 15:53:31 |
Message-ID: | 1515820.1664812411@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
"David G. Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> writes:
> Basically, a permission check requires two things and the complaint is that
> only one of those things is mentioned in the error message.
No, the complaint is that the wrong thing is shown --- but I don't
know what's showing it; aclcheck_error() certainly doesn't.
There's a separate conversation to be had perhaps about whether
aclcheck_error's standard message *should* include the role name
whose permissions were checked. I have a vague feeling that that
omission was intentional, but it was so long ago that I don't
recall for sure. It seems like something that'd be good to show
in more complicated situations with views, security definer
functions, etc.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Loren Siebert | 2022-10-03 17:12:44 | Re: BUG #17626: Permission denied errors should list role as well as user |
Previous Message | David G. Johnston | 2022-10-03 15:40:05 | Re: BUG #17626: Permission denied errors should list role as well as user |