Re: BUG #15281: Set role does not affect superuser privleges
| От | Tomas Vondra |
|---|---|
| Тема | Re: BUG #15281: Set role does not affect superuser privleges |
| Дата | |
| Msg-id | 2e4ecc9f-5302-7017-40aa-7a412b7452da@2ndquadrant.com обсуждение исходный текст |
| Ответ на | Re: BUG #15281: Set role does not affect superuser privleges (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-bugs |
On 07/17/2018 12:12 AM, Tom Lane wrote: > Tomas Vondra <tomas.vondra@2ndquadrant.com> writes: >> On 07/16/2018 04:55 PM, PG Bug reporting form wrote: >>> Here are the two scenarios I tested: >>> 1) as a session_user: superuser and current_user: non-superuser I can edit >>> others' tables >>> 2) as a session_user: non-superuser and current_user: superuser I cannot >>> edit others' tables > >> It's usually a good idea to provide exact scripts / output so that >> people can reproduce the issue easily. For me it behaves like this: >> ... >> So, correct in both cases. I'm not on Windows, but I don't see why would >> it behave differently there. > > Tomas' test left out the "GRANT user0 to user1" bit, but I can't > reproduce the behavior as described either. > Ah, right. Sorry for not mentioning that. I've actually tried both with and without that GRANT (no effect on behavior), but I've assumed it's there only to allow the `SET user0` which I've replaced by connecting directly as user0. So I haven't included it into the response. regards -- Tomas Vondra http://www.2ndQuadrant.com PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
В списке pgsql-bugs по дате отправления: