Home > mailing lists

Re: pg_dump and REVOKE on function - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: pg_dump and REVOKE on function
Date	August 12, 2003 21:16:16
Msg-id	16611.1060722952@sss.pgh.pa.us Whole thread Raw
In response to	pg_dump and REVOKE on function (Rod Taylor <rbt@rbt.ca>)
Responses	Re: pg_dump and REVOKE on function
List	pgsql-hackers

Tree view

Rod Taylor <rbt@rbt.ca> writes:
> r=# REVOKE ALL ON FUNCTION weekdate (date) FROM PUBLIC;
> REVOKE
> r=# GRANT ALL ON FUNCTION weekdate (date) TO PUBLIC;
> GRANT
> r=# REVOKE ALL ON FUNCTION weekdate (date) FROM rbt;
> ERROR:  dependent privileges exist
> HINT:  Use CASCADE to revoke them too.

Ugh.  We could fix pg_dump to output the commands in a better order,
but that won't help for dumps from existing releases.

Given that rbt is the owner of the object, I'm not sure that it is
sensible to interpret the above as revoking his ability to grant
privileges to others.  Seems to me that his ability to GRANT is inherent
in being the owner, and as such his "grant option" bits are irrelevant.
So maybe the commands are okay and the backend's interpretation is
bogus.

Peter, any thoughts?
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 12 August 2003, 20:58:35
Subject: Re: Parsing speed (was Re: pgstats_initstats() cost)

From: Bruce Momjian
Date: 12 August 2003, 22:05:35
Subject: Re: reuse sysids security hole?

Re: pg_dump and REVOKE on function - Mailing list pgsql-hackers

Previous

Next