Home > mailing lists

Re: [BUGS] BUG #13694: Row Level Security by-passed with CREATEUSER permission - Mailing list pgsql-hackers

From	Joe Conway
Subject	Re: [BUGS] BUG #13694: Row Level Security by-passed with CREATEUSER permission
Date	October 21, 2015 23:06:16
Msg-id	5627F033.5030402@joeconway.com Whole thread Raw
In response to	Re: [BUGS] BUG #13694: Row Level Security by-passed with CREATEUSER permission (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Re: [BUGS] BUG #13694: Row Level Security by-passed with CREATEUSER permission (Stephen Frost <sfrost@snowman.net>)
List	pgsql-hackers

Tree view

On 10/21/2015 12:46 PM, Tom Lane wrote:
> Attached patch rips out CREATEUSER and NOCREATEUSER options lock, stock,
> and barrel.

Looks good to me.

> Another possibility is to change them to actually mean CREATEROLE and
> NOCREATEROLE.  I think probably a clean break is better though.


I think that would be too confusing. I'd rather see them go away ala
your patch.

Joe

--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development

pgsql-hackers by date:

From: Euler Taveira
Date: 21 October 2015, 22:56:10
Subject: Re: Duplicated assignment of slot_name in walsender.c

From: Alvaro Herrera
Date: 21 October 2015, 23:14:43
Subject: Re: Freezing without cleanup lock

Re: [BUGS] BUG #13694: Row Level Security by-passed with CREATEUSER permission - Mailing list pgsql-hackers

Previous

Next