Home > mailing lists

Re: Why ACL_EXECUTE is checked on FindConversion()? - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Why ACL_EXECUTE is checked on FindConversion()?
Date	August 19, 2009 18:28:03
Msg-id	26499.1250706473@sss.pgh.pa.us Whole thread Raw
In response to	Why ACL_EXECUTE is checked on FindConversion()? (KaiGai Kohei <kaigai@ak.jp.nec.com>)
Responses	Re: Why ACL_EXECUTE is checked on FindConversion()? (KaiGai Kohei <kaigai@ak.jp.nec.com>)
List	pgsql-hackers

Tree view

KaiGai Kohei <kaigai@ak.jp.nec.com> writes:
> When FindConversion() is called, it also checks current user's ACL_EXECUTE
> privilege on the conproc of the fetched conversion.

> Why this check is applied on FindConversion(), instead of FindDefaultConversion()?

Does seem pretty inconsistent, doesn't it?

The original idea may have been to provide a substitute for a USAGE
ACL check on conversions, in which case it's not totally insane: if
you make a conversion default then you're implicitly granting it to
public.  But there's no documentation about this.

Offhand I see no really good reason to have a usage check on
conversions, and would be happy with removing this one.  The function
permission check at CREATE CONVERSION time ought to be sufficient.
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 19 August 2009, 18:22:53
Subject: Re: Idea about estimating selectivity for single-column expressions

From: Chander Ganesan
Date: 19 August 2009, 18:39:50
Subject: Re: We should Axe /contrib/start-scripts

Re: Why ACL_EXECUTE is checked on FindConversion()? - Mailing list pgsql-hackers

Previous

Next