From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Phil Frost <indigo(at)bitglue(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: lastval exposes information that currval does not |
Date: | 2006-07-27 21:01:37 |
Message-ID: | 44C929B1.8060306@dunslane.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Tom Lane wrote:
>Alvaro Herrera <alvherre(at)commandprompt(dot)com> writes:
>
>
>>What we should really do is have lastval() fail if the user does not
>>have appropiate permissions on the schema. Having it not fail is a bug,
>>and documenting a bug turns it not into a feature, but into a "gotcha".
>>
>>
>
>I'm unconvinced that it's either a bug or a gotcha. lastval doesn't
>tell you which sequence it's giving you a value from, so I don't really
>see the reasoning for claiming that there's a security hole. Also,
>*at the time you did the nextval* you did have permissions. Does anyone
>really think that a bad guy can't just remember the value he got?
>lastval is merely a convenience.
>
>
>
>
Is that true even if it was called by a security definer function?
I too don't think that the security danger of knowing the value of a
(possibly unknown) sequence is very high, but that's another argument.
cheers
andrew
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2006-07-27 21:15:35 | Re: Warnings in pgstattuple |
Previous Message | Andrew Dunstan | 2006-07-27 20:53:44 | Re: [COMMITTERS] pgsql: another try at keeping AIX/ppc |