| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Creator of a range type must have permission to call support fun |
| Date: | 2011-11-23 17:46:03 |
| Message-ID: | E1RTGtX-00004v-9H@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Creator of a range type must have permission to call support functions.
Since range types can be created by non-superusers, we need to consider
their permissions. Ideally we'd check this when the type is used, not
when it's created, but that seems like much more trouble than it's worth.
The existing restriction that the support functions be immutable already
prevents most cases where an unauthorized call to a function might be
thought a security issue, and the fact that the user has no access to
the results of the system's calls to subtype_diff closes off the other
plausible reason for concern. So this check is basically pro-forma,
but let's make it anyway.
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/a912a2784be5d144aab89e447dfe8ca74b6ad079
Modified Files
--------------
src/backend/commands/typecmds.c | 12 ++++++++++++
1 files changed, 12 insertions(+), 0 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2011-11-23 22:13:16 | pgsql: Adjust range_adjacent to support different canonicalization rule |
| Previous Message | Tom Lane | 2011-11-23 05:03:38 | pgsql: Remove user-selectable ANALYZE option for range types. |