Re: Why ACL_EXECUTE is checked on FindConversion()?
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: KaiGai Kohei <kaigai@ak.jp.nec.com>
Cc: pgsql-hackers@postgresql.org
Date: 2009-08-19T18:27:53Z
Lists: pgsql-hackers
KaiGai Kohei <kaigai@ak.jp.nec.com> writes: > When FindConversion() is called, it also checks current user's ACL_EXECUTE > privilege on the conproc of the fetched conversion. > Why this check is applied on FindConversion(), instead of FindDefaultConversion()? Does seem pretty inconsistent, doesn't it? The original idea may have been to provide a substitute for a USAGE ACL check on conversions, in which case it's not totally insane: if you make a conversion default then you're implicitly granting it to public. But there's no documentation about this. Offhand I see no really good reason to have a usage check on conversions, and would be happy with removing this one. The function permission check at CREATE CONVERSION time ought to be sufficient. regards, tom lane