Home > mailing lists

Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role - Mailing list pgsql-bugs

From	Tom Lane
Subject	Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role
Date	June 18, 2021 23:00:02
Msg-id	1285334.1624046402@sss.pgh.pa.us Whole thread Raw
In response to	Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role (Alvaro Herrera <alvherre@alvh.no-ip.org>)
Responses	Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-bugs

Tree view

Alvaro Herrera <alvherre@alvh.no-ip.org> writes:
> Could you just set the policy to be granted to "only the bootstrap
> superuser" in that case?  I mean as an implementation path for back
> branches; use NONE going forward.  That would make the policy allow
> nobody who can't already access the record, instead of falling back to
> PUBLIC -- which I agree seems suboptimal security-wise.

That doesn't seem like a great solution --- it would produce very
confusing output from pg_dump for instance.  In fact, I think it
breaks pg_dump for cases where the target DB has a different
bootstrap superuser name.

            regards, tom lane

pgsql-bugs by date:

From: Tom Lane
Date: 18 June 2021, 22:53:14
Subject: Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role

From: PG Bug reporting form
Date: 19 June 2021, 14:28:45
Subject: BUG #17065: pg_restore never returns even on simple situations (maybe I just don't understand something)

Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role - Mailing list pgsql-bugs

Previous

Next