| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Joe Conway <mail(at)joeconway(dot)com> |
| Cc: | "Florian G(dot) Pflug" <fgp(at)phlo(dot)org>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Strange permission problem regarding pg_settings |
| Date: | 2003-12-10 22:01:48 |
| Message-ID: | 8742.1071093708@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
Joe Conway <mail(at)joeconway(dot)com> writes:
> Tom Lane wrote:
>> This fix may need to be rethought. I'm not sure though where is a clean
>> place to plug in the UPDATE permissions check given that the rules for
>> this case do not generate any UPDATE query.
> Do you want me to take a look at this, or are you planning to?
If you have any ideas, feel free to take a shot. I've not thought of
anything I like.
I suspect the fact that the pre-patch code made the "right" permissions
check was really coincidental, and that the correct fix will not involve
reversion of that patch but rather adding a facility somewhere to ensure
that the original view gets properly permission-checked even if there's
a DO INSTEAD NOTHING rule. However, before biting that bullet it'd
probably be good to understand in detail what's happening in both the
7.3.2 and CVS-tip code. I have not looked at just why that patch
changes this example's behavior.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jim Cochrane | 2003-12-10 22:06:19 | Re: [ADMIN] Postrgres data restoration problem |
| Previous Message | Joe Conway | 2003-12-10 21:39:13 | Re: Strange permission problem regarding pg_settings |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruno Wolff III | 2003-12-10 22:04:39 | Re: Canonicalization of WHERE clauses considered harmful |
| Previous Message | Tom Lane | 2003-12-10 21:54:54 | Canonicalization of WHERE clauses considered harmful |