Re: [PATCH] remove redundant ownership checks

Alex Hunsaker <badalex@gmail.com> writes:
> Im of the opinion if we are going to be meddling with the permission
> checks in this area one of the goals should be close or at least
> tighten up that window.  So you cant lock a table you dont have
> permission to (either via LOCK or ALTER TABLE).  (Ignoring the issues
> of concurrent permission changes of course...)

Well, that's exactly the problem: it's not very sane to do permissions
checking on a table you have no lock whatsoever on, because the table
could be dropped, renamed, or have its permissions altered underneath
you.  We could imagine taking a weak lock that forbids those operations
and then upgrading once we're sure we have the right to take a stronger
lock, but lock upgrade is a certain ticket to deadlocks.

So yeah, it'd be nice, but it's not apparent how to do it.  The best
thing I can see how to do is keep the window between taking the lock
and verifying permissions narrow.
        regards, tom lane