Re: Checking for USAGE on SET search_path... - Mailing list pgsql-patches

From Tom Lane
Subject Re: Checking for USAGE on SET search_path...
Date
Msg-id 21706.1081490834@sss.pgh.pa.us
Whole thread Raw
In response to Checking for USAGE on SET search_path...  (Sean Chittenden <sean@chittenden.org>)
List pgsql-patches
Sean Chittenden <sean@chittenden.org> writes:
> This patch does two things:

> 1) Changes the semantics of assign_search_path()/'SET search_path' so
> that you can't set your search path to a schema you don't have USAGE
> privs for.

Why is that needed?  It's already a no-op AFAIR.  It also is
incompatible with the existing behavior, in which nonexistent schemas
(think "$user") are dropped silently rather than noisily.  Your patch
also breaks the previous careful tweak to allow ALTER DATABASE SET
to succeed when mentioning a schema not present in the current database.

> 2) Changes psql's \dn query and its schema tab completion query to
> incorporate ACL checking so that \dn only lists schemas that a user has
> USAGE privs on.

This requires considerable discussion.  Should \df only list functions
you are allowed to call?  \dt only tables you are allowed to read?
\h only commands you are allowed to execute?

I'm not that thrilled with patches that propose basic changes in
behavior and have not been justified by any preceding discussion
on pghackers...

            regards, tom lane

pgsql-patches by date:

Previous
From: Sean Chittenden
Date:
Subject: Checking for USAGE on SET search_path...
Next
From: "Magnus Hagander"
Date:
Subject: Re: New socket code for win32