| From: | Phil Frost <indigo(at)bitglue(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: lastval exposes information that currval does not |
| Date: | 2006-07-27 15:21:01 |
| Message-ID: | 20060727152100.GA10960@unununium.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
All right, I give up. I guess no one seems to want to admit this is a
bad security policy, or accurately document it. Does that make it an
easter egg?
On Thu, Jul 20, 2006 at 01:59:43PM -0400, Bruce Momjian wrote:
>
> OK, text again updated:
>
> For schemas, allows access to objects contained in the specified
> schema (assuming that the objects' own privilege requirements are
> also met). Essentially this allows the grantee to <quote>look up</>
> objects within the schema. Without this permission, it is still
> possible to see the object names, e.g. by querying the system tables.
> Also, after revoking this permission, existing backends might have
> statements that have previously performed this lookup, so this is not
> a completely secure way to prevent object access.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Csaba Nagy | 2006-07-27 15:31:19 | Re: GUC with units, details |
| Previous Message | Jim Nasby | 2006-07-27 15:20:02 | Re: GUC with units, details |