Home > mailing lists

Re: Row security violation error is misleading - Mailing list pgsql-hackers

From	Kevin Grittner
Subject	Re: Row security violation error is misleading
Date	April 8, 2015 17:07:54
Msg-id	1043278572.1890469.1428502061756.JavaMail.yahoo@mail.yahoo.com Whole thread Raw
In response to	Re: Row security violation error is misleading (Dean Rasheed <dean.a.rasheed@gmail.com>)
Responses	Re: Row security violation error is misleading
List	pgsql-hackers

Tree view

Dean Rasheed <dean.a.rasheed@gmail.com> wrote:

>> Re-using the SQLSTATE 44000 is a bit iffy too. We should
>> probably define something to differentiate this, like:
>>
>>    44P01 ROW SECURITY WRITE POLICY VIOLATION
>
> Yes, that sounds sensible.

I would be more inclined to use:

42501  ERRCODE_INSUFFICIENT_PRIVILEGE

I know this is used 173 other places where a user attempts to do
something they are not authorized to do, so you would not be able
to differentiate the specific cause based on SQLSTATE if this is
used -- but why don't we feel that way about the other 173 causes?
Why does this security violation require a separate SQLSTATE?

--
Kevin Grittner
EDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

pgsql-hackers by date:

From: Tom Lane
Date: 08 April 2015, 17:02:57
Subject: Re: Tuple visibility within a single XID

From: Bruce Momjian
Date: 08 April 2015, 17:29:06
Subject: Re: Sloppy SSPI error reporting code

Re: Row security violation error is misleading - Mailing list pgsql-hackers

Previous

Next