new warning message

Started by Jeff Davis almost 18 years ago, 3 messages
#1 Jeff Davis
pgsql@j-davis.com

On IRC today someone brought up a problem in which users were still able
to connect to a database after a "REVOKE CONNECT ... FROM theuser". The
reason theuser is still able to connect is because PUBLIC still has
privileges to connect by default (AndrewSN was the one who answered
this).

Would it be reasonable to throw a warning if you revoke a privilege from
some role, and that role inherits the privilege from some other role (or
PUBLIC)?

Regards,
Jeff Davis
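
The situation described in this message and the lockdown that does take effect, as an added example that is not part of the original post. The names `appdb`, `theuser` and `app_users` are constructed, and the statements assume a psql session run as a superuser.

```sql
-- Constructed names: appdb, theuser, app_users.
CREATE ROLE theuser LOGIN;
CREATE DATABASE appdb;

-- The REVOKE from the report. theuser holds no direct CONNECT grant, so this
-- removes nothing; PUBLIC's default CONNECT on appdb is untouched.
REVOKE CONNECT ON DATABASE appdb FROM theuser;

-- Effective-privilege check: counts grants that reach theuser directly,
-- through PUBLIC, or through role membership.
SELECT has_database_privilege('theuser', 'appdb', 'CONNECT') AS can_connect;

-- Close the default path, then grant CONNECT only through a group role.
REVOKE CONNECT ON DATABASE appdb FROM PUBLIC;
CREATE ROLE app_users NOLOGIN;
GRANT CONNECT ON DATABASE appdb TO app_users;

-- Re-run the check, then list every role through which theuser would still
-- receive CONNECT (superusers pass has_database_privilege regardless of ACLs).
SELECT has_database_privilege('theuser', 'appdb', 'CONNECT') AS can_connect;
SELECT r.rolname AS connect_via
FROM pg_roles AS r
WHERE pg_has_role('theuser', r.oid, 'USAGE')
  AND has_database_privilege(r.rolname, 'appdb', 'CONNECT');
```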

#2 Tom Lane
tgl@sss.pgh.pa.us
In reply to: Jeff Davis (#1)
Re: new warning message

Jeff Davis <pgsql@j-davis.com> writes:

> Would it be reasonable to throw a warning if you revoke a privilege from
> some role, and that role inherits the privilege from some other role (or
> PUBLIC)?

This has been suggested and rejected before --- the consensus is it'd
be too noisy.

Possibly the REVOKE manual page could be modified to throw more stress
on the point.

regards, tom lane

#3 Bruce Momjian
bruce@momjian.us
In reply to: Tom Lane (#2)
1 attachment(s)
Re: [HACKERS] new warning message

Tom Lane wrote:

> Jeff Davis <pgsql@j-davis.com> writes:
>
> > Would it be reasonable to throw a warning if you revoke a privilege from
> > some role, and that role inherits the privilege from some other role (or
> > PUBLIC)?
>
> This has been suggested and rejected before --- the consensus is it'd
> be too noisy.
>
> Possibly the REVOKE manual page could be modified to throw more stress
> on the point.

Agreed, patch attached and applied.

--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://postgres.enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +

Attachments:

/rtmp/diff (text/x-diff)
Index: doc/src/sgml/ref/revoke.sgml
===================================================================
RCS file: /cvsroot/pgsql/doc/src/sgml/ref/revoke.sgml,v
retrieving revision 1.46
diff -c -c -r1.46 revoke.sgml
*** doc/src/sgml/ref/revoke.sgml	30 Oct 2007 19:43:30 -0000	1.46
--- doc/src/sgml/ref/revoke.sgml	3 Mar 2008 19:16:38 -0000
***************
*** 92,98 ****
     <literal>PUBLIC</literal>.  Thus, for example, revoking <literal>SELECT</> privilege
     from <literal>PUBLIC</literal> does not necessarily mean that all roles
     have lost <literal>SELECT</> privilege on the object: those who have it granted
!    directly or via another role will still have it.
    </para>
  
    <para>
--- 92,101 ----
     <literal>PUBLIC</literal>.  Thus, for example, revoking <literal>SELECT</> privilege
     from <literal>PUBLIC</literal> does not necessarily mean that all roles
     have lost <literal>SELECT</> privilege on the object: those who have it granted
!    directly or via another role will still have it.  Similarly, revoking
!    <literal>SELECT</> from a user might not prevent that user from using
!    <literal>SELECT</> if <literal>PUBLIC</literal> or another membership
!    role still has <literal>SELECT</> rights.
    </para>
  
    <para>
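
Review bot: In the added sentence, "another membership role" is hard to parse; wording such as "a role the user is a member of" would say directly that the privilege can arrive through role membership. The sentence also speaks of revoking from "a user" while the rest of the paragraph speaks of roles, so "from a role" would keep the terminology consistent. Since the report behind this change was about CONNECT on a database, which PUBLIC holds by default, naming that case alongside SELECT would make the caveat easier to find for the people who hit it.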