Home > mailing lists

Re: BUG #5458: Permission check is skipped by inheritance - Mailing list pgsql-bugs

From	Tom Lane
Subject	Re: BUG #5458: Permission check is skipped by inheritance
Date	May 11, 2010 14:52:12
Msg-id	6614.1273589521@sss.pgh.pa.us Whole thread Raw
In response to	BUG #5458: Permission check is skipped by inheritance ("Takahiro Itagaki" <itagaki.takahiro@oss.ntt.co.jp>)
List	pgsql-bugs

Tree view

"Takahiro Itagaki" <itagaki.takahiro@oss.ntt.co.jp> writes:
> Even if a non-superuser who has no permissions on
> a parent and a child tables, he can retrieve data
> from the parent when the two tables have inheritance
> relationship.

Hmm, the change to not check child permissions is intentional, but
it looks like Peter overdid it ...

2009-10-23 01:24  petere

    * doc/src/sgml/ddl.sgml, src/backend/optimizer/prep/prepunion.c,
    src/test/regress/expected/privileges.out,
    src/test/regress/sql/privileges.sql: When querying a table with
    child tables, do not check permissions on the child tables.  This
    was found to be useless and confusing in virtually all cases, and
    also contrary to the SQL standard.

            regards, tom lane

pgsql-bugs by date:

From: Bruce Momjian
Date: 11 May 2010, 12:59:43
Subject: Re: BUG #5457: dblink_connect now restricts non-superusers to password

From: Peter Eisentraut
Date: 11 May 2010, 17:08:51
Subject: Re: bool: symbol name collision

Re: BUG #5458: Permission check is skipped by inheritance - Mailing list pgsql-bugs

Previous

Next