From: | KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> |
---|---|
To: | Petr Jelinek <pjmodos(at)pjmodos(dot)net> |
Cc: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com>, Jan Urban'ski <wulczer(at)wulczer(dot)org>, Josh Berkus <josh(at)agliodbs(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: [PATCH] DefaultACLs |
Date: | 2009-10-06 14:02:59 |
Message-ID: | 4ACB4E13.80406@kaigai.gr.jp |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Petr Jelinek wrote:
> KaiGai Kohei napsal(a):
>> I tried to check the default ACL behavior.
>>
>> It works for me fine, good, but ...
>>
>> postgres=> SELECT * INTO t3 FROM t1;
>> SELECT
>> postgres=> SELECT * FROM t3;
>> a | b
>> ---+-----
>> 1 | aaa
>> 2 | bbb
>> (2 rows)
>>
>> postgres=> INSERT INTO t3 VALUES (3,'ccc');
>> ERROR: permission denied for relation t3
>>
>> In this case, the new table t3 is created with the default ACL which does not
>> allow to insert any values by the owner of the relation.
>>
>> SELECT INTO does not check ACL_INSERT on the newly created tables, because
>> we had been able to assume the table owner always has privilege to insert
>> values into the new table.
>> So, OpenIntoRel() didn't check this obvious privilege.
>>
>> But the default ACL feature breaks this assumption. The table owner may not
>> have privilege to insert values into new tables.
>> So, it is necessary to put actual access controls on the OpenIntoRel().
>>
>
> That's strange behavior I agree. However I don't see how default ACLs
> changed it in any way, owner could REVOKE his privileges before.
>
I don't think the default ACL feature should do something ad-hoc here.
Is there anything necessary more than adding permission checks to insert
values into the new table?
Thanks,
--
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2009-10-06 14:13:54 | Re: Patch: create or replace language |
Previous Message | Tom Lane | 2009-10-06 14:00:53 | Re: Privileges and inheritance |