Re: BUG #1150: grant options not properly checked

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Fabien Coelho" <coelho(at)cri(dot)ensmp(dot)fr>
Cc: pgsql-bugs(at)postgresql(dot)org, Peter Eisentraut <peter_e(at)gmx(dot)net>
Subject: Re: BUG #1150: grant options not properly checked
Date: 2004-05-11 13:37:09
Message-ID: 9027.1084282629@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

"PostgreSQL Bugs List" <pgsql-bugs(at)postgresql(dot)org> writes:
> It seems that GRANT ALL ON SCHEMA does not properly
> check for grantor rights.

What's happening is that pg_namespace_aclcheck() allows the operation
if you have GRANT OPTION for *any* of the rights to be granted. The
same problem exists for all object types.

I am not sure whether we should refuse the operation or just narrow
the set of privileges to those that are grantable per GRANT OPTION.
Peter, any thoughts?

regards, tom lane

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message Fabien COELHO 2004-05-11 14:17:23 Re: BUG #1150: grant options not properly checked
Previous Message PostgreSQL Bugs List 2004-05-11 12:18:13 BUG #1151: Initdb fails ...