poc-test-ownership.txt
text/plain
Filename: poc-test-ownership.txt
Type: text/plain
Part: 0
From 3c21d00d7355d97d3bea62f010db773f469ac54c Mon Sep 17 00:00:00 2001
From: Dilip Kumar <dilipkumarb@google.com>
Date: Mon, 4 May 2026 18:25:45 +0530
Subject: [PATCH] test ownership
---
src/backend/catalog/aclchk.c | 2 +-
src/bin/initdb/initdb.c | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index 67424fe3b0c..ee814a534a4 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -3345,7 +3345,7 @@ pg_class_aclmask_ext(Oid table_oid, Oid roleid, AclMode mask,
* themselves. ACL_USAGE is if we ever have system sequences.
*/
if ((mask & (ACL_INSERT | ACL_UPDATE | ACL_DELETE | ACL_TRUNCATE | ACL_USAGE)) &&
- IsSystemClass(table_oid, classForm) &&
+ IsSystemClass(table_oid, classForm) && !IsConflictClass(classForm) &&
classForm->relkind != RELKIND_VIEW &&
!superuser_arg(roleid))
mask &= ~(ACL_INSERT | ACL_UPDATE | ACL_DELETE | ACL_TRUNCATE | ACL_USAGE);
diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
index 14cb79c26be..fa3316fcb97 100644
--- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c
@@ -1839,6 +1839,7 @@ setup_privileges(FILE *cmdfd)
" AND relacl IS NULL;\n\n",
escape_quotes(username));
PG_CMD_PUTS("GRANT USAGE ON SCHEMA pg_catalog, public TO PUBLIC;\n\n");
+ PG_CMD_PUTS("GRANT USAGE ON SCHEMA pg_conflict TO pg_create_subscription;\n\n");
PG_CMD_PUTS("REVOKE ALL ON pg_largeobject FROM PUBLIC;\n\n");
PG_CMD_PUTS("INSERT INTO pg_init_privs "
" (objoid, classoid, objsubid, initprivs, privtype)"
--
2.49.0