permission leak
| От | bigapple |
|---|---|
| Тема | permission leak |
| Дата | |
| Msg-id | 20030117055208.01D601D2A5F24@sm212.163.com обсуждение исходный текст |
| Список | pgsql-bugs |
PGBUGS=A3=AC Short Description Drop user cannot delete the correspoding permission and cannot change the= owner of the namespace. Long Description When I droped a user, the all permission granted by other user cannot be = deleted. The all SQL statements show as the follow: test=3D# CREATE user userb; --user test is a superuser and the database is= test. CREATE USER test=3D# GRANT SELECT on b to userb; GRANT test=3D# c test userb You are now connected to database test as user userb. test=3D> SELECT * from b; --the table b is public.b id ---- (0 rows) test=3D> c You are now connected to database test as user test. test=3D# drop user userb; DROP USER test=3D# CREATE user userc; CREATE USER test=3D# c test userc You are now connected to database test as user userc. test=3D> SELECT * from b; --the table b is public.b a --- (0 rows) When I got these message, and checked the system catalog pg_shadow , and find the droped userb and new user userc had same usesysid. And more, Superuser test create a schema for userb, the userc got the schema for userc has the same usesysid as userb; I think this is permission leak. bigapple 2003.1.17. =09 =A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1 =20=09=09=09=09 =A1=A1 =A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1 =A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A1=A12003-01-17
В списке pgsql-bugs по дате отправления: