Re: BUG #9923: "reassign owned" does not change permissions grantor
| От | Bruce Momjian |
|---|---|
| Тема | Re: BUG #9923: "reassign owned" does not change permissions grantor |
| Дата | |
| Msg-id | 20151217201453.GA27799@momjian.us обсуждение исходный текст |
| Ответ на | Re: BUG #9923: "reassign owned" does not change permissions grantor (Alvaro Herrera <alvherre@2ndquadrant.com>) |
| Ответы |
Re: BUG #9923: "reassign owned" does not change permissions grantor
|
| Список | pgsql-bugs |
On Wed, Dec 16, 2015 at 07:40:05PM -0300, Alvaro Herrera wrote:
> Bruce Momjian wrote:
> > On Fri, Jan 9, 2015 at 01:19:48PM -0500, Bruce Momjian wrote:
> > > I can confirm this bug report from April, and your analysis of the fixes
> > > --- we were missing calls to aclnewowner() for types, foreign servers,
> > > and foreign data wrappers, for both REASSIGN and ALTER OWNER TO.
> > >
> > > With the attached SQL script you can see the ACL fields properly
> > > changing to match the object owner (attached). Without the patch, only
> > > the table's ACL changes.
> > >
> > > The patch also changes the regression output --- I think that is because
> > > the object ownership changes remove certain duplicates from the ACL
> > > list.
> >
> > Patch applied. Thank you for the excellent bug report.
>
> I just realized that you didn't backpatch this bug fix, and therefore my
> fix for bug #13666 fails to cherry-pick sanely on 9.4 and earlier.
>
> I think this should be back-patched.
>
> This is the changelog entry:
>
> Author: Bruce Momjian <bruce@momjian.us>
> Branch: master Release: REL9_5_BR [59367fdf9] 2015-01-22 12:36:55 -0500
>
> adjust ACL owners for REASSIGN and ALTER OWNER TO
>
> When REASSIGN and ALTER OWNER TO are used, both the object owner and ACL
> list should be changed from the old owner to the new owner. This patch
> fixes types, foreign data wrappers, and foreign servers to change their
> ACL list properly; they already changed owners properly.
>
> BACKWARD INCOMPATIBILITY?
Backpatching seems fine to me. I was just concerned if anyone was
relying on the existing buggy behavior. We do list this item as a 9.5
incompatibility, so the question is whether we can add an
incompatibility to back branches:
Fix <link linkend="SQL-REASSIGN-OWNED"><command>REASSIGN OWNED</></>
and <link linkend="SQL-ALTERTYPE"><command>ALTER OWNER TO</></>
to properly update permissions lists (ACLs) when changing ownership of
types, foreign data wrappers, and foreign servers (Bruce Momjian)
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ As you are, so once was I. As I am, so you will be. +
+ Roman grave inscription +
В списке pgsql-bugs по дате отправления: