Re: Clarity Bug for Schema Permissions, Potential Vulnerability?

Поиск
Список
Период
Сортировка
От David G. Johnston
Тема Re: Clarity Bug for Schema Permissions, Potential Vulnerability?
Дата
Msg-id CAKFQuwY4PU5bews3XK4czceVnkmFzwEXDvP9nDDCwkiQoFipLw@mail.gmail.com
обсуждение исходный текст
Ответ на Clarity Bug for Schema Permissions, Potential Vulnerability?  (Justis Lincoln Mackaoui <jmackaou@calpoly.edu>)
Список pgsql-bugs
Дерево обсуждения
On Tuesday, May 5, 2020, Justis Lincoln Mackaoui <jmackaou@calpoly.edu> wrote:

My argument is that step #6, the granting of privileges on the table, should return an “ERROR: permission denied” because the “test_user” should not know at all about the objects contained within “test_schema”. This would prevent the confusing state of contradictory permissions and access-


Hiding object existence is not something PostgreSQL does.  Anyone can view pg_class.  So this is strictly a usability concern.  At first glance I concur that there seems to be room for improvement here.

David J.

В списке pgsql-bugs по дате отправления:

Предыдущее
От: PG Bug reporting form
Дата:
Сообщение: BUG #16418: postgis23_96 dependency proj49 missing now pgdg94 default to disabled
Следующее
От: Jeff Janes
Дата:
Сообщение: Re: Clarity Bug for Schema Permissions, Potential Vulnerability?