Alex Hunsaker <badalex@gmail.com> writes:
> Im of the opinion if we are going to be meddling with the permission
> checks in this area one of the goals should be close or at least
> tighten up that window. So you cant lock a table you dont have
> permission to (either via LOCK or ALTER TABLE). (Ignoring the issues
> of concurrent permission changes of course...)
Well, that's exactly the problem: it's not very sane to do permissions
checking on a table you have no lock whatsoever on, because the table
could be dropped, renamed, or have its permissions altered underneath
you. We could imagine taking a weak lock that forbids those operations
and then upgrading once we're sure we have the right to take a stronger
lock, but lock upgrade is a certain ticket to deadlocks.
So yeah, it'd be nice, but it's not apparent how to do it. The best
thing I can see how to do is keep the window between taking the lock
and verifying permissions narrow.
regards, tom lane
