| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Nathan Bossart <nathandbossart(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: document the dangers of granting TRIGGER or REFERENCES |
| Date: | 2026-07-14 15:56:49 |
| Message-ID: | 3337978.1784044609@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> Also, while there may very well be people who have legitimately been
> unpleasantly surprised by the actual behavior here, an awful lot of
> the "people" currently discovering the situation here are in fact just
> looking for a way to manufacture a security report. As long as we have
> a statement of some kind in the docs, we can just point to that. It
> doesn't need to be particularly prominent -- although I'm not trying
> to conceal it, either. I didn't find a more natural place to mention
> this than where I actually put it.
Right. I looked around too, but this section (5.9) seems fine.
In particular, while the GRANT reference page lists the names of
the privileges, it does not describe any of them, just points you
to 5.9.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2026-07-14 16:08:20 | Re: Fix GROUP BY ALL handling of ORDER BY operator semantics |
| Previous Message | Tom Lane | 2026-07-14 15:54:07 | Re: document the dangers of granting TRIGGER or REFERENCES |