Skip site navigation (1) Skip section navigation (2)

Re: [PATCH] remove redundant ownership checks

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Alex Hunsaker <badalex(at)gmail(dot)com>
Cc: Robert Haas <robertmhaas(at)gmail(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: [PATCH] remove redundant ownership checks
Date: 2010-01-13 21:29:42
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
Alex Hunsaker <badalex(at)gmail(dot)com> writes:
> Im of the opinion if we are going to be meddling with the permission
> checks in this area one of the goals should be close or at least
> tighten up that window.  So you cant lock a table you dont have
> permission to (either via LOCK or ALTER TABLE).  (Ignoring the issues
> of concurrent permission changes of course...)

Well, that's exactly the problem: it's not very sane to do permissions
checking on a table you have no lock whatsoever on, because the table
could be dropped, renamed, or have its permissions altered underneath
you.  We could imagine taking a weak lock that forbids those operations
and then upgrading once we're sure we have the right to take a stronger
lock, but lock upgrade is a certain ticket to deadlocks.

So yeah, it'd be nice, but it's not apparent how to do it.  The best
thing I can see how to do is keep the window between taking the lock
and verifying permissions narrow.

			regards, tom lane

In response to

pgsql-hackers by date

Next:From: Hans-Juergen SchoenigDate: 2010-01-13 21:30:32
Subject: Re: patch to implement ECPG side tracing / tracking ...
Previous:From: Stephen FrostDate: 2010-01-13 21:28:16
Subject: Re: [PATCH] remove redundant ownership checks

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group