Home > mailing lists

Re: Bug introduced by recent ALTER OWNER permissions check change - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Bug introduced by recent ALTER OWNER permissions check change
Date	August 4, 2005 03:19:12
Msg-id	11564.1123125499@sss.pgh.pa.us Whole thread Raw
In response to	Re: Bug introduced by recent ALTER OWNER permissions check change (Stephen Frost <sfrost@snowman.net>)
Responses	Re: Bug introduced by recent ALTER OWNER permissions check change (Stephen Frost <sfrost@snowman.net>)
List	pgsql-hackers

Tree view

Stephen Frost <sfrost@snowman.net> writes:
> I don't like this approach to solving the problem.  I would rather see
> the check modified to allow the ownership change provided:

> the user issueing the command has access to destination role
> AND
> (
> the destination role can create the table
>   OR the user issuing the command has owner rights on the schema/db
> )
> etc

I don't think so --- this would allow unprivileged users to use ALTER
OWNER to arrive at states they could not arrive at otherwise; which
destroys the entire argument that non-superuser ALTER OWNER is not a
security risk.  Shall we reverse out the patch and require you to
justify it from scratch?

Superusers should be allowed to do whatever they want, but that doesn't
mean that we should weaken the rules applied to ordinary users.
        regards, tom lane

pgsql-hackers by date:

From: Stephen Frost
Date: 04 August 2005, 03:07:29
Subject: Re: Bug introduced by recent ALTER OWNER permissions check change

From: Simon Riggs
Date: 04 August 2005, 06:36:53
Subject: Re: Fundamental error in "no WAL log" index/file

Re: Bug introduced by recent ALTER OWNER permissions check change - Mailing list pgsql-hackers

Previous

Next