| Lists: | Postg토토 사이트SQL : Postg토토 사이트SQL 메일 링리스트 : 2000-02-23 이후 PGSQL-BUGS. |
|---|
| From: | Jerome ALET <alet(at)unice(dot)fr> |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Cc: | alet(at)unice(dot)fr |
| Subject: | drop user bug ? |
| Date: | 2000-02-23 09:21:00 |
| Message-ID: | Pine.LNX.3.96.1000223100507.7506A-100000@cortex.unice.fr |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | Postg토토 사이트SQL : Postg토토 사이트SQL 메일 링리스트 : 2000-02-23 이후 PGSQL-BUGS. |
Hi,
I suppose the following is a bug, but it's not a coding one, just a
bug in the way postgresql works, or maybe it's only a feature I don't
understand (if that's the case I sincerely apologize) :
I use postgresql 6.5.3 under Linux 2.0.35 + libc 5.3.12, but I suppose
this doesn't matter:
vroum=> CREATE USER john;
CREATE USER
vroum=> GRANT SELECT,UPDATE ON couleur TO john;
CHANGE
vroum=> \z
Database = vroum
+------------------+------------------------------+
| Relation | Grant/Revoke Permissions |
+------------------+------------------------------+
| couleur | {"=","uvroum=arwR","john=rw"} |
vroum=> DROP USER john;
DROP USER
vroum=> \z
Database = vroum
+------------------+------------------------------+
| Relation | Grant/Revoke Permissions |
+------------------+------------------------------+
| couleur | {"=","uvroum=arwR","2001=rw"} |
the grant revoke permissions weren't updated !
So I try to update them manually:
vroum=> REVOKE ALL ON couleur FROM "2001";
ERROR: aclparse: non-existent user "2001"
vroum=> REVOKE ALL ON couleur FROM 2001;
ERROR: parser: parse error at or near "2001"
vroum=>
this seems impossible without manually updating some system tables, which
I haven't tried.
IMHO the DROP USER should have updated all Grant/Revoke permissions.
another bug IMHO is that if I do this (CREATE USER, GRANT, DROP USER) 2
times with 2 different user names, then the same userid (2001) is used.
I think the userid shouldn't be reused, especially because of the above
mentionned problem which could very well cause security problems (not
tested).
Jerome ALET - alet(at)unice(dot)fr - http://cortex.unice.fr/~jerome
Faculte de Medecine de Nice - http://noe.unice.fr - Tel: 04 93 37 76 30
28 Avenue de Valombrose - 06107 NICE Cedex 2 - FRANCE
| From: | Peter Eisentraut <e99re41(at)DoCS(dot)UU(dot)SE> |
|---|---|
| To: | Jerome ALET <alet(at)unice(dot)fr> |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: [BUGS] drop user bug ? |
| Date: | 2000-02-23 13:48:13 |
| Message-ID: | Pine.GSO.4.02A.10002231446540.29518-100000@Delfin.DoCS.UU.SE |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-bugs |
On Wed, 23 Feb 2000, Jerome ALET wrote:
> vroum=> DROP USER john;
> the grant revoke permissions weren't updated !
Yup, certainly a bug. Unfortunately not easy to fix without reorganizing
how permissions are stored. I plan to do that some time.
--
Peter Eisentraut Sernanders vaeg 10:115
peter_e(at)gmx(dot)net 75262 Uppsala
http://yi.org/peter-e/ Sweden