Re: [Patch] Invalid permission check in pg_stats for functional indexes - Mailing list pgsql-hackers

From Daniel Gustafsson
Subject Re: [Patch] Invalid permission check in pg_stats for functional indexes
Date
Msg-id B4EED1A1-1042-445B-95AC-FD87F36C839B@yesql.se
Whole thread Raw
In response to Re: [Patch] Invalid permission check in pg_stats for functionalindexes  (David Steele <david@pgmasters.net>)
Responses Re: [Patch] Invalid permission check in pg_stats for functional indexes
List pgsql-hackers
> On 25 Mar 2020, at 15:52, David Steele <david@pgmasters.net> wrote:

> On 12/26/19 6:46 PM, Tom Lane wrote:
>> Awhile back I wrote:
>>> Actually ... maybe we don't need to change the view definition at all,
>>> but instead just make has_column_privilege() do something different
>>> for indexes than it does for other relation types.  It's dubious that
>>> applying that function to an index yields anything meaningful today,
>>> so we could redefine what it returns without (probably) breaking
>>> anything.  That would at least give us an option to back-patch, too,
>>> though the end result might be complex enough that we don't care to
>>> risk it.
>> In hopes of resurrecting this thread, here's a draft patch that does
>> it like that (and also fixes row_security_active(), as otherwise this
>> probably creates a security hole in pg_stats).
> 
> Do you know when you will have a chance to look at this patch?
> 
> Tom made a suggestion up-thread about where the regression tests could go.

This patch still hasn't progressed since Tom's draft patch, is anyone still
interested in pursuing it or should we close it for now?

cheers ./daniel



pgsql-hackers by date:

Previous
From: Daniel Gustafsson
Date:
Subject: Re: psql - improve test coverage from 41% to 88%
Next
From: Daniel Gustafsson
Date:
Subject: Re: Online verification of checksums