Thread: Postgres acl

Postgres acl

From
Kevin Witten
Date:
I believe I found a bug. If a user other than the postgres superuser is
given permission to create databases, then he should be able to destroy
the databases he creates. Currently he can't, at least in version 6.2.1
compiled for SunOS 5.5. Only the postgres superuser can delete
databases. If other users try they get the following error message:

"WARN:pg_database: Permission denied.
destroydb: database destroy failed on tmpdb."

even though this user is the database admin for tmpdb as shown in the
pg_database table.

Re: [HACKERS] Postgres acl

From
"Thomas G. Lockhart"
Date:
> I believe I found a bug. If a user other than the postgres superuser is
> given permission to create databases, then he should be able to destroy
> the databases he creates. Currently he can't, at least in version 6.2.1
> compiled for SunOS 5.5. Only the postgres superuser can delete
> databases. If other users try they get the following error message:
>
> "WARN:pg_database: Permission denied.
> destroydb: database destroy failed on tmpdb."
>
> even though this user is the database admin for tmpdb as shown in the
> pg_database table.

At the moment, one requires "create users" privilege to destroy your own
database, but only "create databases" privilege to create one. I think
there is something about this on the ToDo list...

                                  - Tom


Re: [HACKERS] Postgres acl

From
Bruce Momjian
Date:
>
> I believe I found a bug. If a user other than the postgres superuser is
> given permission to create databases, then he should be able to destroy
> the databases he creates. Currently he can't, at least in version 6.2.1
> compiled for SunOS 5.5. Only the postgres superuser can delete
> databases. If other users try they get the following error message:
>
> "WARN:pg_database: Permission denied.
> destroydb: database destroy failed on tmpdb."
>
> even though this user is the database admin for tmpdb as shown in the
> pg_database table.
>
>

Here is the fix.  This bug has been around for a while:

---------------------------------------------------------------------------

*** ./aclchk.c.orig    Tue Jan  6 00:10:25 1998
--- ./aclchk.c    Tue Jan  6 00:18:40 1998
***************
*** 410,416 ****
           * pg_database table, there is still additional permissions
           * checking in dbcommands.c
           */
!         if (mode & ACL_AP)
              return ACLCHECK_OK;
      }

--- 410,416 ----
           * pg_database table, there is still additional permissions
           * checking in dbcommands.c
           */
!         if ((mode & ACL_WR) || (mode & ACL_AP))
              return ACLCHECK_OK;
      }
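
Review bot: The widened test on the changed `if` line now returns ACLCHECK_OK for ACL_WR as well as ACL_AP, so in this pg_database branch write access is no longer decided here and rests entirely on the "additional permissions checking in dbcommands.c" that the comment refers to. Please confirm that the destroy path in dbcommands.c verifies that the caller actually owns the database being destroyed, and extend the comment above the test to say that write mode is now deferred as well and why. The enclosing condition is not visible in this hunk, so it is worth checking that the early return stays limited to pg_database. As a style point, `mode & (ACL_WR | ACL_AP)` expresses the same test more compactly.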



--
Bruce Momjian
maillist@candle.pha.pa.us