| Lists: | Postg윈 토토SQL : Postg윈 토토SQL 메일 링리스트 : 2000-08-25 이후 PGSQL-BUGS 13:48 |
|---|
| From: | pgsql-bugs(at)postgresql(dot)org |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | wrong permissions for triggers invoked by rewrite rules |
| Date: | 2000-08-25 13:48:53 |
| Message-ID: | 200008251348.e7PDmrN49571@hub.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | Postg윈 토토SQL : Postg윈 토토SQL 메일 링리스트 : 2000-08-25 이후 PGSQL-BUGS 13:48 |
Helge Bahmann (bahmann(at)math(dot)tu-freiberg(dot)de) reports a bug with a severity of 2
The lower the number the more severe it is.
Short Description
wrong permissions for triggers invoked by rewrite rules
Long Description
Rewritten queries are normally executed with the permissions of the creator of the rewrite rule. However, triggers invoked by the rewritten query are not executed with the new permissions.
Sample Code
-- as user 'user1':
create table table1(id int);
create table table2(id int);
create function foo() returns opaque as 'begin
insert into table2 values(new.id);
return new;
end;' language 'plpgsql';
create trigger bar before insert on table2 for each row execute procedure foo();
create view view1 as select * from table1;
create rule view1_ins as on insert to view1 do instead insert into table1 values(new.id);
grant insert, select on view1 to user2;
-- as user 'user2':
insert into view1 values(1);
-- fails with: ERROR: table2: Permission denied.
No file was uploaded with this report