Hi,
I suppose the following is a bug, but it's not a coding one, just a
bug in the way postgresql works, or maybe it's only a feature I don't
understand (if that's the case I sincerely apologize) :
I use postgresql 6.5.3 under Linux 2.0.35 + libc 5.3.12, but I suppose
this doesn't matter:
vroum=> CREATE USER john;
CREATE USER
vroum=> GRANT SELECT,UPDATE ON couleur TO john;
CHANGE
vroum=> \z
Database = vroum
+------------------+------------------------------+
| Relation | Grant/Revoke Permissions |
+------------------+------------------------------+
| couleur | {"=","uvroum=arwR","john=rw"} |
vroum=> DROP USER john;
DROP USER
vroum=> \z
Database = vroum
+------------------+------------------------------+
| Relation | Grant/Revoke Permissions |
+------------------+------------------------------+
| couleur | {"=","uvroum=arwR","2001=rw"} |
the grant revoke permissions weren't updated !
So I try to update them manually:
vroum=> REVOKE ALL ON couleur FROM "2001";
ERROR: aclparse: non-existent user "2001"
vroum=> REVOKE ALL ON couleur FROM 2001;
ERROR: parser: parse error at or near "2001"
vroum=>
this seems impossible without manually updating some system tables, which
I haven't tried.
IMHO the DROP USER should have updated all Grant/Revoke permissions.
another bug IMHO is that if I do this (CREATE USER, GRANT, DROP USER) 2
times with 2 different user names, then the same userid (2001) is used.
I think the userid shouldn't be reused, especially because of the above
mentionned problem which could very well cause security problems (not
tested).
Jerome ALET - alet@unice.fr - http://cortex.unice.fr/~jerome
Faculte de Medecine de Nice - http://noe.unice.fr - Tel: 04 93 37 76 30
28 Avenue de Valombrose - 06107 NICE Cedex 2 - FRANCE
