Dear Tom,
> ...
> Note that says WARNING, not ERROR. So I guess what we need to do is
> narrow the privilege set and issue a warning message.

Yep.

> I think this also bears on the question that was raised before about
> whether REVOKE should raise an error if you don't have the right to
> revoke the privileges you're listing. We don't, and based on this
> I think we shouldn't --- but maybe we should issue a warning.

There are two close but different issues.

(1) REVOKE ALL ON SCHEMA foo FROM calvin;

I agree with you that it looks like it is allowed, as narrow would mean empty.
I really think a warning is desirable in such a case...

(2) REVOKE USAGE ON SCHEMA foo FROM calvin;

Where USAGE (or any specific right) is not grantable by the issuer.

While browsing the Access Rules of <revoke statement>... it is unclear.
I guess maybe a "grantable" word is missing in my version of the standard,
because otherwise I cannot really extract a semantics from access rule 1
case a in 12.7. Case b is much more explicit in my version for <revoke
role statement>, you need a "WITH ADMIN OPTION".

If my guess is correct and an access rule is violated, then this
case should result in an error.

--
Fabien Coelho - coelho@cri.ensmp.fr