Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission

Поиск
Список
Период
Сортировка
От Joe Conway
Тема Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission
Дата
Msg-id 5627D3D9.8080409@joeconway.com
обсуждение исходный текст
Ответ на BUG #13694: Row Level Security by-passed with CREATEUSER permission  (justin.catterson@sofiebio.com)
Ответы Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission  (Tom Lane <tgl@sss.pgh.pa.us>)
Список pgsql-bugs
Дерево обсуждения 
On 10/21/2015 09:42 AM, justin.catterson@sofiebio.com wrote:
> The following bug has been logged on the website:
>=20
> Bug reference:      13694
> Logged by:          Justin Catterson
> Email address:      justin.catterson@sofiebio.com
> PostgreSQL version: 9.5beta1
> Operating system:   Ubuntu 14.10 x64
> Description:       =20
>=20
> Users with the CREATEUSER permission do not evaluate Row Level Security=

> functions.  pg_user usebypassrls is set to false.

Not a bug. See
 http://www.postgresql.org/docs/9.5/static/sql-createrole.html

"CREATEUSER
NOCREATEUSER

    These clauses are an obsolete, but still accepted, spelling of
SUPERUSER and NOSUPERUSER. Note that they are not equivalent to
CREATEROLE as one might naively expect!"

And:
 http://www.postgresql.org/docs/9.5/static/ddl-rowsecurity.html

"Table owners, superusers, and roles with the BYPASSRLS attribute bypass
the row security system when querying a table."

HTH,

Joe

--=20
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development

В списке pgsql-bugs по дате отправления:

Предыдущее
От: justin.catterson@sofiebio.com
Дата:
Сообщение: BUG #13694: Row Level Security by-passed with CREATEUSER permission
Следующее
От: Tom Lane
Дата:
Сообщение: Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission