Thread: Very nice... Solaris/Sparc works...
Compiles, installs and tests cleanly...regression test results are in src/test/regress/regression.Solaris-Sparc for anyone wanting to look at the variances...
Hello I like the added security of 6.3 however how do you grant access to SELECT currval('SEQ') AS id I get a permission error on seq.currval? I figured out how to use CVSUP so I am grabbing the latest version. If this is fixed in it then great otherwise any ideas? Michael * Michael J. Rogan, Network Administrator, 905-624-3020 * * Mark IV Industries, F-P Electronics & I.V.H.S. Divisions * * mrogan@fpelectronics.com mrogan@ivhs.com *
Michael J. Rogan wrote: > > Hello > > I like the added security of 6.3 however how do you grant access to > SELECT currval('SEQ') AS id > I get a permission error on seq.currval? > > I figured out how to use CVSUP so I am grabbing the latest version. > > If this is fixed in it then great otherwise any ideas? I don't remember - did we NO_ACCESS to a table for public as default or not ? If yes then you have to GRANT permissions on sequences... Vadim
> > Michael J. Rogan wrote: > > > > Hello > > > > I like the added security of 6.3 however how do you grant access to > > SELECT currval('SEQ') AS id > > I get a permission error on seq.currval? > > > > I figured out how to use CVSUP so I am grabbing the latest version. > > > > If this is fixed in it then great otherwise any ideas? > > I don't remember - did we NO_ACCESS to a table for public > as default or not ? We did so. Default is now NO_ACCESS for public but SELECT granted for public on IsSystemRelationName() where no explicit ACL is set. So all tables and views prefixed pg_ are readable by default and must still be revoked if you don't want them public readable. All other tables and views are private. > If yes then you have to GRANT permissions on sequences... Checked that and it works. The creator of the sequence is the owner and can do anything by default (superuser too). GRANT SELECT ON seq permitts to get currval() from sequence. GRANT SELECT, UPDATE ON seq permitts to get nextval(). Great to see that new security code works also for an area that we didn't thought about. Jan -- #======================================================================# # It's easier to get forgiveness for being wrong than for being right. # # Let's break this rule - forgive me. # #======================================== jwieck@debis.com (Jan Wieck) #
On Thu, 26 Feb 1998, Vadim B. Mikheev wrote: > Michael J. Rogan wrote: > > > > Hello > > > > I like the added security of 6.3 however how do you grant access to > > SELECT currval('SEQ') AS id > > I get a permission error on seq.currval? > > > > I figured out how to use CVSUP so I am grabbing the latest version. > > > > If this is fixed in it then great otherwise any ideas? > > I don't remember - did we NO_ACCESS to a table for public > as default or not ? Yes... Marc G. Fournier Systems Administrator @ hub.org primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org