| From: | Jeff Janes <jeff(dot)janes(at)gmail(dot)com> |
|---|---|
| To: | Oleksandr Shulgin <oleksandr(dot)shulgin(at)zalando(dot)de> |
| Cc: | Justis Lincoln Mackaoui <jmackaou(at)calpoly(dot)edu>, "pgsql-bugs(at)lists(dot)postgresql(dot)org" <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Clarity Bug for Schema Permissions, Potential Vulnerability? |
| Date: | 2020-05-06 13:37:54 |
| Message-ID: | CAMkU=1wdeM7cXAtR_ZzXZwfXkQCqBxqjGT+D_tqd5=v8wW9j-A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Wed, May 6, 2020 at 3:47 AM Oleksandr Shulgin <
oleksandr(dot)shulgin(at)zalando(dot)de> wrote:
> I'm wondering if we could provide a more helpful error message in this
> case, something along the lines of:
>
> DETAIL: 'usage' permission required on schema 'test_schema'
>
The actual error message is not just "permission denied", it is already:
ERROR: permission denied for schema test_schema
Given that, I don't think the additional DETAIL upon ERROR would be all
that helpful.
I think a more useful change (if any) would be a NOTICE or WARNING when
granting privs on a object in a schema, to a user who does not already have
privs on the schema itself. I thought there was already a similar
situation, where a NOTICE was issued where a permission change was executed
which didn't do anything, because it was already done. But now I can't
find.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Asif Rehman | 2020-05-06 13:49:23 | Re: pg_stat_statements: rows not updated for CREATE TABLE AS SELECT statements |
| Previous Message | David G. Johnston | 2020-05-06 13:13:59 | Re: Clarity Bug for Schema Permissions, Potential Vulnerability? |