Re: BUG #1145: silent REVOKE failures

From: Fabien COELHO <coelho(at)cri(dot)ensmp(dot)fr>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL Bugs List <pgsql-bugs(at)postgresql(dot)org>, Peter Eisentraut <peter_e(at)gmx(dot)net>
Subject: Re: BUG #1145: silent REVOKE failures
Date: 2004-06-10 12:26:57
Message-ID: Pine.LNX.4.58.0406101411450.23525@sablons.cri.ensmp.fr
Lists: pgsql-bugs


Dear Bruce,

> > I see TODO items as wishes, and I'm not sure I can see what is wrong with
> > wishing better/full testing of postgresql data access controls and compare
> > the results with what is defined by the norm?
>
> I guess I am looking for a more detailed analysis that there is a
> problem to be fixed. Yes, I would like more testing too, but we need
> more testing in lots of areas, but it doesn't make it a TODO item.
>
> I guess I am asking why this area needs more testing for spec
> compliance.

Ok. I can state new arguments and repeat old ones.

Because security is not really tested by users. If there is a problem in
SELECT, you would hear quite quickly about it.

Security looks like an important issue, but people/admin just assume that
it works properly. Probing the walls is not what the average user or admin
is expected to do with the DB anyway.

Moreover, the SQL spec is quite contrived in this area, although I haven't
looked at other areas ;-)

There were bugs in the past that were solved, there may be others yet
to be found, but there is no real validation, so a "make check" would not
notice if some old bug is brought back, which goes with the next point:

If roles are to be implemented, it will touch this "sensitive" area, and
anyone should feel safer to accept such changes if deep exhaustive tests
are actually performed.

You judge what these arguments are worth wrt justifying a grand "TODO" item ;-)
IMHO, this should be a prerequisite to adding "roles".

Have a nice day,

--
Fabien Coelho - coelho(at)cri(dot)ensmp(dot)fr
