Home > mailing lists

Re: Clarity Bug for Schema Permissions, Potential Vulnerability? - Mailing list pgsql-bugs

From	Jeff Janes
Subject	Re: Clarity Bug for Schema Permissions, Potential Vulnerability?
Date	May 6, 2020 16:37:54
Msg-id	CAMkU=1wdeM7cXAtR_ZzXZwfXkQCqBxqjGT+D_tqd5=v8wW9j-A@mail.gmail.com Whole thread Raw
In response to	Re: Clarity Bug for Schema Permissions, Potential Vulnerability? (Oleksandr Shulgin <oleksandr.shulgin@zalando.de>)
Responses	Re: Clarity Bug for Schema Permissions, Potential Vulnerability? ("David G. Johnston" <david.g.johnston@gmail.com>)
List	pgsql-bugs

Tree view

On Wed, May 6, 2020 at 3:47 AM Oleksandr Shulgin <oleksandr.shulgin@zalando.de> wrote:

I'm wondering if we could provide a more helpful error message in this case, something along the lines of:

DETAIL: 'usage' permission required on schema 'test_schema'

The actual error message is not just "permission denied", it is already:

ERROR: permission denied for schema test_schema

Given that, I don't think the additional DETAIL upon ERROR would be all that helpful.

I think a more useful change (if any) would be a NOTICE or WARNING when granting privs on a object in a schema, to a user who does not already have privs on the schema itself. I thought there was already a similar situation, where a NOTICE was issued where a permission change was executed which didn't do anything, because it was already done. But now I can't find.

pgsql-bugs by date:

From: "David G. Johnston"
Date: 06 May 2020, 16:13:59
Subject: Re: Clarity Bug for Schema Permissions, Potential Vulnerability?

From: "David G. Johnston"
Date: 06 May 2020, 17:05:45
Subject: Re: Clarity Bug for Schema Permissions, Potential Vulnerability?

Re: Clarity Bug for Schema Permissions, Potential Vulnerability? - Mailing list pgsql-bugs

Previous

Next