| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Karsten Hilbert <Karsten(dot)Hilbert(at)gmx(dot)net> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Postgres Permissions Article |
| Date: | 2017-03-29 13:36:07 |
| Message-ID: | 20434.1490794567@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
Karsten Hilbert <Karsten(dot)Hilbert(at)gmx(dot)net> writes:
> On Tue, Mar 28, 2017 at 09:47:40AM -0700, Paul Jungwirth wrote:
>> I wrote a blog post about the Postgres permissions system, and I thought I'd
>> share:
>> http://illuminatedcomputing.com/posts/2017/03/postgres-permissions/
> Not that I am an expert in any way but here's a thought on
> why a permission on foreign key creation might be useful:
> Being able to create foreign keys may allow to indirectly
> discover whether certain values exists in a table which I
> don't otherwise have access to (by means of failure or
> success to create a judiciously crafted FK).
Aside from that, an FK can easily be used to cause effective
denial-of-service, for example preventing rows from being deleted
within a table, or adding enormous overhead to such a deletion.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2017-03-29 13:59:41 | Re: Using relations in the SELECT part |
| Previous Message | Adrian Klaver | 2017-03-29 13:24:25 | Re: How to get correct local time |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2017-03-29 13:38:12 | Re: [PATCH] Reduce src/test/recovery verbosity |
| Previous Message | Michael Paquier | 2017-03-29 13:08:03 | Re: Allow interrupts on waiting standby |