Re: Clarification on Role Access Rights to Table Indexes
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Ayush Vatsa <ayushvatsa1810@gmail.com>
Cc: Robert Haas <robertmhaas@gmail.com>,
"David G. Johnston" <david.g.johnston@gmail.com>,
PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2025-02-17T22:02:03Z
Lists: pgsql-hackers, pgsql-general
Ayush Vatsa <ayushvatsa1810@gmail.com> writes: > Thanks Robert for confirming, let me submit a patch to fix the same. Well, the first thing you need is consensus on what the behavior should be instead. I have a very vague recollection that we concluded that SELECT privilege was a reasonable check because if you have that you could manually prewarm by reading the table. That would lead to the conclusion that the minimal fix is to look at the owning table's privileges instead of the index's own privileges. Or we could switch to using ownership, which'd keep the code simple but some users might complain it's too restrictive. While I mentioned built-in roles earlier, I now think those mostly carry more privilege than should be required here, given the analogy to SELECT. regards, tom lane
Commits
-
Fix privilege checks for pg_prewarm() on indexes.
- fae0ce5e318e 16.11 landed
- f146eb45cb1a 14.20 landed
- a0551bc5734b 17.7 landed
- 6c03ae8d6e81 15.15 landed
- 3ccf8e9ac96e 18.1 landed
- 208927e65692 19 (unreleased) landed
- 19a64f5676bb 13.23 landed
-
Fix lookup code for REINDEX INDEX.
- 079480dc2022 19 (unreleased) landed
-
Fix redefinition of typedef RangeVar.
- 15d7dded0e93 18.1 landed
-
Fix lookups in pg_{clear,restore}_{attribute,relation}_stats().
- c8af5019bee5 18.1 landed
- 688dc6299a5b 19 (unreleased) landed
-
dblink: Avoid locking relation before privilege check.
- c9b299f6df98 19 (unreleased) landed