Re: [Patch] Invalid permission check in pg_stats for functional indexes

From: Daniel Gustafsson <daniel(at)yesql(dot)se>
To: Pierre Ducroquet <p(dot)psql(at)pinaraf(dot)info>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, PostgreSQL Developers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Kuntal Ghosh <kuntalghosh(dot)2007(at)gmail(dot)com>, David Steele <david(at)pgmasters(dot)net>
Subject: Re: [Patch] Invalid permission check in pg_stats for functional indexes
Date: 2020-07-05 11:44:22
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

> On 25 Mar 2020, at 15:52, David Steele <david(at)pgmasters(dot)net> wrote:

> On 12/26/19 6:46 PM, Tom Lane wrote:
>> Awhile back I wrote:
>>> Actually ... maybe we don't need to change the view definition at all,
>>> but instead just make has_column_privilege() do something different
>>> for indexes than it does for other relation types. It's dubious that
>>> applying that function to an index yields anything meaningful today,
>>> so we could redefine what it returns without (probably) breaking
>>> anything. That would at least give us an option to back-patch, too,
>>> though the end result might be complex enough that we don't care to
>>> risk it.
>> In hopes of resurrecting this thread, here's a draft patch that does
>> it like that (and also fixes row_security_active(), as otherwise this
>> probably creates a security hole in pg_stats).
> Do you know when you will have a chance to look at this patch?
> Tom made a suggestion up-thread about where the regression tests could go.

This patch still hasn't progressed since Tom's draft patch, is anyone still
interested in pursuing it or should we close it for now?

cheers ./daniel

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Daniel Gustafsson 2020-07-05 11:52:32 Re: Online verification of checksums
Previous Message Daniel Gustafsson 2020-07-05 11:38:33 Re: psql - improve test coverage from 41% to 88%