Re: Change in "policy" on dump ordering?
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Jordan Gigov <coladict@gmail.com>
Cc: Robert Haas <robertmhaas@gmail.com>, Stephen Frost <sfrost@snowman.net>,
Peter Eisentraut <peter.eisentraut@2ndquadrant.com>,
Michael Banck <michael.banck@credativ.de>,
Jim Nasby <Jim.Nasby@bluetreble.com>,
Kevin Grittner <kgrittn@gmail.com>,
Pg Hackers <pgsql-hackers@postgresql.org>
Date: 2017-07-26T15:35:55Z
Lists: pgsql-hackers
Jordan Gigov <coladict@gmail.com> writes: > But why should a superuser need the ACL to be applied before being allowed > access? If you make the permission-checking function check if the user is a > superuser before looking for per-user grants, wouldn't that solve the issue? The superuser's permissions are not relevant, because the materialized view is run with the permissions of its owner, not the superuser. We are not going to consider changing that, either, because it would open trivial-to-exploit security holes (any user could set up a trojan horse matview and just wait for the next pg_upgrade or dump/restore). regards, tom lane
Commits
-
Fix pg_dump/pg_restore to emit REFRESH MATERIALIZED VIEW commands last.
- b93217653b68 9.4.13 landed
- 65048cf23dba 9.5.8 landed
- 3d76328298ca 9.6.4 landed
- 3eb9a5e7c4c9 10.0 landed
- 035bb82222bc 9.3.18 landed