Home > mailing lists

Re: pg_dump is broken by recent privileges changes - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: pg_dump is broken by recent privileges changes
Date	February 10, 2003 16:57:50
Msg-id	Pine.LNX.4.44.0302101451210.6138-100000@peter.localdomain Whole thread Raw
In response to	pg_dump is broken by recent privileges changes (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: pg_dump is broken by recent privileges changes
List	pgsql-hackers

Tree view

Tom Lane writes:

> REVOKE ALL ON SCHEMA public FROM PUBLIC;
>
> which fails with
>
> ERROR:  dependent privileges exist (use CASCADE to revoke them too)

Not here.

> This message seems incorrect --- what is a dependent privilege, and
> why would PUBLIC have any?

The term "dependent privilege" is explained on the REVOKE reference page.
And no, PUBLIC wouldn't ever have any.

> Also, pg_dump itself seems confused --- the full text of a dump from
> an empty DB is (omitting comment lines)
>
> \connect - postgres
> REVOKE ALL ON SCHEMA public FROM PUBLIC;
> GRANT ALL ON SCHEMA public TO PUBLIC;
> GRANT ALL ON SCHEMA public TO PUBLIC;
> REVOKE ALL ON SCHEMA public FROM postgres;
>
> which is not only inefficient but wrong, since public surely should
> have privileges when the dust settles.

The second GRANT is a bug because the buffer wasn't cleared.  The other
commands are correct as far as pg_dump is concerned.  At the end the
privileges are exactly "=UC/postgres", which is what they are by default.

-- 
Peter Eisentraut   peter_e@gmx.net

pgsql-hackers by date:

From: Peter Eisentraut
Date: 10 February 2003, 16:50:49
Subject: Re: Why is lc_messages restricted?

From: Peter Eisentraut
Date: 10 February 2003, 17:02:56
Subject: Re: PGP signing releases

Re: pg_dump is broken by recent privileges changes - Mailing list pgsql-hackers

Previous

Next