From: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
---|---|
To: | Jeff Davis <pgsql(at)j-davis(dot)com> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Ayush Vatsa <ayushvatsa1810(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Clarification on Role Access Rights to Table Indexes |
Date: | 2025-10-10 16:26:08 |
Message-ID: | aOkzoH-pXdBr0ewf@nathan |
Views: | Whole Thread | Raw Message | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general pgsql-hackers |
On Thu, Oct 09, 2025 at 04:18:03PM -0500, Nathan Bossart wrote:
> There's a similar pattern in get_rel_from_relname() in dblink.c, which also
> seems to only be used with an AccessShareLock (like pg_prewarm). My best
> guess from reading lots of code, commit messages, and old e-mails in the
> archives is that the original check-privileges-before-locking work was
> never completed.
I added an 0004 that changes dblink to use RangeVarGetRelidExtended().
> I'm currently leaning towards continuing with v4 of the patch set. 0001
> and 0003 are a little weird in that a concurrent change could lead to a
> "could not find parent table" ERROR, but IIUC that is an extremely remote
> possibility.
After sleeping on it, I still think this is the right call. In any case,
I've spent way too much time on this stuff, so I plan to commit the
attached soon.
--
nathan
Attachment | Content-Type | Size |
---|---|---|
v5-0001-fix-priv-checks-in-stats-code.patch | text/plain | 1.1 KB |
v5-0002-fix-priv-checks-in-index-code.patch | text/plain | 2.7 KB |
v5-0003-fix-priv-checks-in-pg_prewarm.patch | text/plain | 4.4 KB |
v5-0004-avoid-locking-before-privilege-checks-in-dblink.patch | text/plain | 1.8 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Jeff Davis | 2025-10-10 18:31:03 | Re: Clarification on Role Access Rights to Table Indexes |
Previous Message | sud | 2025-10-10 15:27:47 | Re: Alerting on memory use and instance crash |
From | Date | Subject | |
---|---|---|---|
Next Message | Ranier Vilela | 2025-10-10 16:41:48 | Re: Fix array access (src/bin/pg_dump/pg_dump.c) |
Previous Message | Amit Langote | 2025-10-10 16:24:43 | Re: ReadRecentBuffer() doesn't scale well |