Re: BUG #17626: Permission denied errors should list role as well as user

Поиск
Список
Период
Сортировка
От David G. Johnston
Тема Re: BUG #17626: Permission denied errors should list role as well as user
Дата
Msg-id CAKFQuwbS7JewidNKDN6W87wna-ZBbZx7xtMr=ksmWdFaEqJekQ@mail.gmail.com
обсуждение исходный текст
Ответ на Re: BUG #17626: Permission denied errors should list role as well as user  (Tom Lane <tgl@sss.pgh.pa.us>)
Список pgsql-bugs
Дерево обсуждения


On Mon, Oct 3, 2022, 08:53 Tom Lane <tgl@sss.pgh.pa.us> wrote:
"David G. Johnston" <david.g.johnston@gmail.com> writes:
> Basically, a permission check requires two things and the complaint is that
> only one of those things is mentioned in the error message.

No, the complaint is that the wrong thing is shown --- but I don't
know what's showing it; aclcheck_error() certainly doesn't.

There's a separate conversation to be had perhaps about whether
aclcheck_error's standard message *should* include the role name
whose permissions were checked.  I have a vague feeling that that
omission was intentional, but it was so long ago that I don't
recall for sure.  It seems like something that'd be good to show
in more complicated situations with views, security definer
functions, etc.

               

Replied too early, I see that now.  There have been a couple of recent discussions that have made me want to see what role PostgreSQL is considering in cases like you mention that my mind just went there.

David J.

В списке pgsql-bugs по дате отправления:

Предыдущее
От: Loren Siebert
Дата:
Сообщение: Re: BUG #17626: Permission denied errors should list role as well as user
Следующее
От: Masahiko Sawada
Дата:
Сообщение: Re: BUG #17619: AllocSizeIsValid violation in parallel hash join