BUG #13649: system catalog pg_authid doesn't update automatically
The following bug has been logged on the website:
Bug reference: 13649
Logged by: aaron chan
Email address: 450019844@qq.com
PostgreSQL version: 9.5alpha2
Operating system: CentOS release 6.4 (Final)
Description:
step1:revoke "postgres" database user's superuser privilege.
step2:excute query "select relacl from pg_class where relname='pg_authid';"
the query result is "{postgres=arwdDxt/postgres}"
here it says "postgres" database user still has the update privilege ,but in
fact it can't.
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
450019844@qq.com writes:
step1:revoke "postgres" database user's superuser privilege.
That's not particularly a supported operation...
step2:excute query "select relacl from pg_class where relname='pg_authid';"
the query result is "{postgres=arwdDxt/postgres}"
here it says "postgres" database user still has the update privilege ,but in
fact it can't.
There's an additional security filter, independent of granted privileges,
that says that only superusers can directly update system catalogs.
regards, tom lane
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs