Re: Grant Update (Possible bug)?
| От | Peter Eisentraut |
|---|---|
| Тема | Re: Grant Update (Possible bug)? |
| Дата | |
| Msg-id | 200407021601.26127.peter_e@gmx.net обсуждение исходный текст |
| Ответ на | Grant Update (Possible bug)? (Ilir Gashi <I.Gashi@city.ac.uk>) |
| Ответы |
Re: Grant Update (Possible bug)?
Re: Grant Update (Possible bug)? |
| Список | pgsql-bugs |
Am Freitag, 2. Juli 2004 13:20 schrieb Ilir Gashi: > CREATE TABLE TEST(ID INTEGER,NAME VARCHAR(50)); > INSERT INTO TEST (ID) VALUES (1); > GRANT UPDATE ON TEST TO TESTUSER; > Connect as TestUser; > UPDATE TEST SET NAME='TEST' WHERE ID=1; > ERROR: test: Permission denied. > UPDATE TEST SET NAME='TEST'; > Executes successfully. According to the letter of the SQL standard, this behavior is not conforming. But PostgreSQL enforces that you need SELECT privilege for columns that you read for the purpose of performing an UPDATE. The reason is that otherwise you could infer a great deal about the data in the table by just looking at the update count.
В списке pgsql-bugs по дате отправления: