| From: | Christophe Pettus <xof(at)thebuild(dot)com> |
|---|---|
| To: | "pgsql-generallists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | No warning for a no-op REVOKE |
| Date: | 2024-03-25 13:54:30 |
| Message-ID: | B3BA06C0-EB3B-4AE7-8C03-61A8E4D13971@thebuild.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Right now, if you do a REVOKE that doesn't actually revoke anything, it works silently. This can be a bit of a foot-gun. For example:
CREATE FUNCTION f() RETURNS int as $$ SELECT 1; $$ LANGUAGE sql;
REVOKE EXECUTE ON FUNCTION f() FROM lowpriv;
Naively, it might be expected that `lowpriv` can't execute the function, but unless default privileges have been changed, `lowpriv` still can under the default grant of EXECUTE to PUBLIC. Since there was no previous grant to `lowpriv`, nothing actually changes in the ACL. This bit a client recently.
Is it worth generating a warning in this case?
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2024-03-25 13:59:42 | Re: No warning for a no-op REVOKE |
| Previous Message | Christophe Pettus | 2024-03-25 13:48:10 | Re: Is this a buggy behavior? |