Postgres Pro
Downloads
Home   >   mailing lists

Re: BUG #9923: "reassign owned" does not change permissions grantor - Mailing list pgsql-bugs

From Bruce Momjian
Subject Re: BUG #9923: "reassign owned" does not change permissions grantor
Date
Msg-id 20151217201453.GA27799@momjian.us
Whole thread Raw
In response to Re: BUG #9923: "reassign owned" does not change permissions grantor  (Alvaro Herrera <alvherre@2ndquadrant.com>)
Responses Re: BUG #9923: "reassign owned" does not change permissions grantor  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-bugs
Tree view 
On Wed, Dec 16, 2015 at 07:40:05PM -0300, Alvaro Herrera wrote:
> Bruce Momjian wrote:
> > On Fri, Jan  9, 2015 at 01:19:48PM -0500, Bruce Momjian wrote:
> > > I can confirm this bug report from April, and your analysis of the fixes
> > > --- we were missing calls to aclnewowner() for types, foreign servers,
> > > and foreign data wrappers, for both REASSIGN and ALTER OWNER TO.
> > >
> > > With the attached SQL script you can see the ACL fields properly
> > > changing to match the object owner (attached).  Without the patch, only
> > > the table's ACL changes.
> > >
> > > The patch also changes the regression output --- I think that is because
> > > the object ownership changes remove certain duplicates from the ACL
> > > list.
> >
> > Patch applied.  Thank you for the excellent bug report.
>
> I just realized that you didn't backpatch this bug fix, and therefore my
> fix for bug #13666 fails to cherry-pick sanely on 9.4 and earlier.
>
> I think this should be back-patched.
>
> This is the changelog entry:
>
> Author: Bruce Momjian <bruce@momjian.us>
> Branch: master Release: REL9_5_BR [59367fdf9] 2015-01-22 12:36:55 -0500
>
>     adjust ACL owners for REASSIGN and ALTER OWNER TO
>
>     When REASSIGN and ALTER OWNER TO are used, both the object owner and ACL
>     list should be changed from the old owner to the new owner. This patch
>     fixes types, foreign data wrappers, and foreign servers to change their
>     ACL list properly;  they already changed owners properly.
>
>     BACKWARD INCOMPATIBILITY?

Backpatching seems fine to me.  I was just concerned if anyone was
relying on the existing buggy behavior.  We do list this item as a 9.5
incompatibility, so the question is whether we can add an
incompatibility to back branches:

      Fix <link linkend="SQL-REASSIGN-OWNED"><command>REASSIGN OWNED</></>
      and <link linkend="SQL-ALTERTYPE"><command>ALTER OWNER TO</></>
      to properly update permissions lists (ACLs) when changing ownership of
      types, foreign data wrappers, and foreign servers (Bruce Momjian)

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

+ As you are, so once was I. As I am, so you will be. +
+ Roman grave inscription                             +

pgsql-bugs by date:

Previous
From: Kevin Grittner
Date:
Subject: Re: BUG #13681: Serialization failures caused by new multixact code of 9.3 (back-patch request)
Next
From: Tom Lane
Date:
Subject: Re: BUG #9923: "reassign owned" does not change permissions grantor