Home > mailing lists

pgsql: Remove any-user DML capability from allow_system_table_mods - Mailing list pgsql-committers

From	Peter Eisentraut
Subject	pgsql: Remove any-user DML capability from allow_system_table_mods
Date	November 29, 2019 12:24:47
Msg-id	E1iacW7-0003h2-4w@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Remove any-user DML capability from allow_system_table_mods

Previously, allow_system_table_mods allowed a non-superuser to do DML
on a system table without further permission checks.  This has been
removed, as it was quite inconsistent with the rest of the meaning of
this setting.  (Since allow_system_table_mods was previously only
accessible with a server restart, it is unlikely that anyone was using
this possibility.)

Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Discussion: https://www.postgresql.org/message-id/flat/8b00ea5e-28a7-88ba-e848-21528b632354%402ndquadrant.com

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/508bf95b767140ec1a339bcb53538d21deb9d995

Modified Files
--------------
src/backend/catalog/aclchk.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

pgsql-committers by date:

From: Peter Eisentraut
Date: 29 November 2019, 11:26:30
Subject: pgsql: Add error position to an error message

From: Amit Kapila
Date: 29 November 2019, 12:54:12
Subject: Re: pgsql: Add tests for '-f' option in dropdb utility.

pgsql: Remove any-user DML capability from allow_system_table_mods - Mailing list pgsql-committers

Previous

Next