Home > mailing lists

Re: BUG #3921: CREATE TABLE / INCLUDING INDEXES fails with permission denied - Mailing list pgsql-hackers

From	Gregory Stark
Subject	Re: BUG #3921: CREATE TABLE / INCLUDING INDEXES fails with permission denied
Date	February 1, 2008 21:16:42
Msg-id	87k5lo9vbc.fsf@oxford.xeocode.com Whole thread Raw
In response to	Re: [BUGS] BUG #3921: CREATE TABLE / INCLUDING INDEXES fails with permission denied (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

"Tom Lane" <tgl@sss.pgh.pa.us> writes:

> 1. DefineIndex() treats an omitted tablespace clause differently from
> explicitly specifying the tablespace that is the database's default:
> if you explicitly specify the space then you must have permissions on
> it, otherwise you don't need any.  (This is the same behavior as in
> DefineRelation incidentally.)  Maybe this isn't such a hot idea, and
> we should treat the two cases interchangeably?

I always thought that was absolutely bizarre. Security should never depend on
*how* you refer to an object. You should either have access to the object or
not regardless of how you refer to it.

--  Gregory Stark EnterpriseDB          http://www.enterprisedb.com Ask me about EnterpriseDB's Slony Replication
support!

pgsql-hackers by date:

From: Gregory Stark
Date: 01 February 2008, 20:32:06
Subject: Re: Backward reading

From: "Gurjeet Singh"
Date: 01 February 2008, 21:26:20
Subject: Re: and waiting

Re: BUG #3921: CREATE TABLE / INCLUDING INDEXES fails with permission denied - Mailing list pgsql-hackers

Previous

Next