Home > mailing lists

Re: Security Issue.. - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: Security Issue..
Date	April 15, 2002 00:40:24
Msg-id	Pine.LNX.4.30.0204142143140.717-100000@peter.localdomain Whole thread Raw
In response to	Security Issue.. ("Rod Taylor" <rbt@zort.ca>)
Responses	Re: Security Issue.. (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

Rod Taylor writes:

> The solution?  Information_Schema coupled with no direct access to
> pg_catalog.  Internals can use pg_catalog, possibly super users, but
> regular users shouldn't be able to do any reads / writes to it
> directly -- as per spec with definition_schema.

The catch on this is that privileges on views don't work quite perfectly
yet.  For instance, if you create a view
   CREATE VIEW bar AS SELECT * FROM foo;

then the statement
   SELECT * FROM bar;

needs privileges to read "foo".  The privileges would need to be changed
to be checked at view creation time.

-- 
Peter Eisentraut   peter_e@gmx.net

pgsql-hackers by date:

From: Bruce Momjian
Date: 15 April 2002, 00:34:38
Subject: Re: Security Issue..

From: "Rod Taylor"
Date: 15 April 2002, 00:42:23
Subject: Re: Security Issue..

Re: Security Issue.. - Mailing list pgsql-hackers

Previous

Next