| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Fix cascading privilege revoke to notice when privileges are sti |
| Date: | 2012-08-23 21:26:40 |
| Message-ID: | E1T4evI-0001UV-N7@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Fix cascading privilege revoke to notice when privileges are still held.
If we revoke a grant option from some role X, but X still holds the option
via another grant, we should not recursively revoke the privilege from
role(s) Y that X had granted it to. This was supposedly fixed as one
aspect of commit 4b2dafcc0b1a579ef5daaa2728223006d1ff98e9, but I must not
have tested it, because in fact that code never worked: it forgot to shift
the grant-option bits back over when masking the bits being revoked.
Per bug #6728 from Daniel German. Back-patch to all active branches,
since this has been wrong since 8.0.
Branch
------
REL8_4_STABLE
Details
-------
http://git.postgresql.org/pg/commitdiff/d6a3863506599a4d22dd62e0601da9ab2ed933da
Modified Files
--------------
src/backend/utils/adt/acl.c | 4 +-
src/test/regress/expected/privileges.out | 50 ++++++++++++++++++++++++++++++
src/test/regress/sql/privileges.sql | 24 ++++++++++++++
3 files changed, 76 insertions(+), 2 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2012-08-23 22:07:41 | pgsql: Stamp 9.2rc1. |
| Previous Message | Heikki Linnakangas | 2012-08-23 09:00:12 | pgsql: Fix typo in example. |