Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission
Дата
Msg-id 22555.1445451464@sss.pgh.pa.us
обсуждение исходный текст
Ответ на Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission  (Joe Conway <mail@joeconway.com>)
Ответы Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission  (Stephen Frost <sfrost@snowman.net>)
Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission  (Andres Freund <andres@anarazel.de>)
Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission  (Justin Catterson <justin.catterson@sofiebio.com>)
Список pgsql-bugs
Дерево обсуждения 
Joe Conway <mail@joeconway.com> writes:
> On 10/21/2015 09:42 AM, justin.catterson@sofiebio.com wrote:
>> Users with the CREATEUSER permission do not evaluate Row Level Security
>> functions.  pg_user usebypassrls is set to false.

> Not a bug. See
>  http://www.postgresql.org/docs/9.5/static/sql-createrole.html

> "CREATEUSER
> NOCREATEUSER

>     These clauses are an obsolete, but still accepted, spelling of
> SUPERUSER and NOSUPERUSER. Note that they are not equivalent to
> CREATEROLE as one might naively expect!"

I wonder if it's time yet to remove those keywords.  We've had the
SUPERUSER spelling since 8.1, and this report should remind us that
people get confused by the old spellings.

            regards, tom lane

В списке pgsql-bugs по дате отправления:

Предыдущее
От: Joe Conway
Дата:
Сообщение: Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission
Следующее
От: Stephen Frost
Дата:
Сообщение: Re: BUG #13694: Row Level Security by-passed with CREATEUSER permission