Home > mailing lists

Re: [HACKERS] Privilege checks on array coercions - Mailing list pgsql-hackers

From	Jim Nasby
Subject	Re: [HACKERS] Privilege checks on array coercions
Date	March 24, 2017 05:29:54
Msg-id	77b4041b-a4ea-6524-4c2d-b86f43fd1b3c@nasby.net Whole thread Raw
In response to	Re: [HACKERS] Privilege checks on array coercions (Andres Freund <andres@anarazel.de>)
List	pgsql-hackers

Tree view

On 3/23/17 12:37 PM, Andres Freund wrote:
> On 2017-03-23 15:26:51 -0400, Tom Lane wrote:
>> There is a test in privileges.sql (currently lines 589-625 in
>> privileges.out) that seems to be dependent on the fact that the
>> ArrayCoerceExpr logic doesn't check for EXECUTE privilege on the
>> per-element type coercion function if it's dealing with a NULL input
>> array.
...
>> Does anyone want to defend this
>> privileges test case as testing for some behavior that users expect?
>
> Not me - that seems quite sensible to change.

I'd even argue that existing behavior is a bug.
-- 
Jim C. Nasby, Data Architect                       jim@nasby.net
512.569.9461 (cell)                         http://jim.nasby.net

pgsql-hackers by date:

From: Mark Kirkwood
Date: 24 March 2017, 05:14:25
Subject: Re: [HACKERS] Logical replication existing data copy

From: Petr Jelinek
Date: 24 March 2017, 05:32:28
Subject: Re: [HACKERS] Logical replication existing data copy

Re: [HACKERS] Privilege checks on array coercions - Mailing list pgsql-hackers

Previous

Next