Currently, system catalogs (pg_*) are assumed to be readable by anyone if
the privileges are NULL, as opposed to ordinary tables, which assume only
owner access if the privileges are NULL.

I'm currently working on privileges for functions (see also Nov. 13
message, which apparently stunned everyone into silence), which will need
some sort of similar arrangement, only there's no obvious way to find out
if a function is a "system function".

I think the best solution would be to drop the pg_* exception and
explicitly grant the right privileges to each table and function in
initdb.

Objections?

--
Peter Eisentraut peter_e@gmx.net

  • Dave Page at Jan 8, 2002 at 8:45 am

    -----Original Message-----
    From: Peter Eisentraut
    Sent: 07 January 2002 22:36
    To: PostgreSQL Development
    Subject: Default permissions of system catalogs

    > Currently, system catalogs (pg_*) are assumed to be readable
    > by anyone if the privileges are NULL, as opposed to ordinary
    > tables, which assume only owner access if the privileges are NULL.
    >
    > I'm currently working on privileges for functions (see also
    > Nov. 13 message, which apparently stunned everyone into
    > silence), which will need some sort of similar arrangement,
    > only there's no obvious way to find out if a function is a
    > "system function".
    >
    > I think the best solution would be to drop the pg_* exception
    > and explicitly grant the right privileges to each table and
    > function in initdb.
    >
    > Objections?

    I assume you are proposing the same privileges that you describe for a user
    table (i.e. by default only the owner (==superuser) has any access)?

    If so, this would break pgAdmin for any users who are not the superuser on
    their system as the majority of its operation relies on examining the
    system catalogues. In this case I would *strongly* object.

    <thinks...> Surely this would also be the case for psql though - have I
    misunderstood something?

    Regards, Dave.
  • Peter Eisentraut at Jan 8, 2002 at 4:09 pm

    Dave Page writes:

    > I assume you are proposing the same privileges that you describe for a user
    > table (i.e. by default only the owner (==superuser) has any access)?

    No, I'm not proposing to change any privileges, only the place they're
    granted.

    --
    Peter Eisentraut peter_e@gmx.net
  • Anonymous at Jan 8, 2002 at 4:22 pm

    On Tue, Jan 08, 2002 at 08:48:29AM -0000, Dave Page wrote:

    > If so, this would break pgAdmin for any users who are not the superuser on
    > their system as the majority of its operation relies on examining the
    > system catalogues. In this case I would *strongly* object.

    The impression I got was that he was talking about changing to a consistent
    interpretation for access rights data.

    If this was done, it should be easy to change the initial security for
    pg_* tables to include select access for public.
  • Bruce Momjian at Jan 8, 2002 at 6:58 pm

    > Objections?
    > I assume you are proposing the same privileges that you describe for a user
    > table (i.e. by default only the owner (==superuser) has any access)?
    >
    > If so, this would break pgAdmin for any users who are not the superuser on
    > their system as the majority of its operation relies on examining the
    > system catalogues. In this case I would *strongly* object.
    >
    > <thinks...> Surely this would also be the case for psql though - have I
    > misunderstood something?

    I assumed he was saying that the contents of pg_class permissions should
    be interpreted the same whether it is a system table or not. He would
    set the proper system table permissions so they are visible to all users
    like it is now.

    --
    Bruce Momjian | http://candle.pha.pa.us
    pgman@candle.pha.pa.us | (610) 853-3000
    + If your life is a hard drive, | 830 Blythe Avenue
    + Christ can be your backup. | Drexel Hill, Pennsylvania 19026

Discussion Overview
group: pgsql-hackers
categories: postgresql
posted: Jan 7, '02 at 10:34p
active: Jan 8, '02 at 6:58p
posts: 5
users: 4
website: postgresql.org...
irc: #postgresql
