Home > mailing lists

BUG #1150: grant options not properly checked - Mailing list pgsql-bugs

From	PostgreSQL Bugs List
Subject	BUG #1150: grant options not properly checked
Date	May 11, 2004 09:18:39
Msg-id	20040511091816.E9887CF519E@www.postgresql.com Whole thread Raw
Responses	Re: BUG #1150: grant options not properly checked
List	pgsql-bugs

Tree view

The following bug has been logged online:

Bug reference:      1150
Logged by:          Fabien Coelho

Email address:      coelho@cri.ensmp.fr

PostgreSQL version: 7.5 Dev

Operating system:   Linux

Description:        grant options not properly checked

Details:

It seems that GRANT ALL ON SCHEMA does not properly
check for grantor rights. I haven't tested other
grantable stuff...

repeat:

psql> SELECT CURRENT_USER;
 current_user
--------------
 hobbes

psql> SELECT * FROM pg_namespace WHERE nspname='foo';
 nspname | nspowner |                 nspacl
---------+----------+----------------------------------------
 foo     |      101 | {calvin=U*C*/calvin,hobbes=U*C/calvin}


As hobbes, I should only be able to grant usage.
However:

psql> GRANT ALL ON SCHEMA foo TO suzy;
psql> SELECT * FROM pg_namespace WHERE nspname='foo';
 nspname | nspowner |                        nspacl
---------+----------+-------------------------------------------------------
 foo     |      101 | {calvin=U*C*/calvin,hobbes=U*C/calvin,suzy=UC/hobbes}

Suzy has both Usage and Create rights on schema foo,
although hobbes had only a grant option for usage.

pgsql-bugs by date:

From: "PostgreSQL Bugs List"
Date: 11 May 2004, 09:01:18
Subject: BUG #1149: server includes not installed by default

From: Martin Pitt
Date: 11 May 2004, 10:04:19
Subject: Fwd: Bug#247306: odbc-postgresql: SIGSEGV with long inputs (> 10000 bytes)

BUG #1150: grant options not properly checked - Mailing list pgsql-bugs

Previous

Next