Re: BUG #17511: Inconsistent permissions on some information_schema tables
David G. Johnston <david.g.johnston@gmail.com>
From: "David G. Johnston" <david.g.johnston@gmail.com>
To: khp@equatoria.us, PostgreSQL mailing lists <pgsql-bugs@lists.postgresql.org>
Date: 2022-06-06T19:59:32Z
Lists: pgsql-bugs
On Mon, Jun 6, 2022 at 11:50 AM PG Bug reporting form < noreply@postgresql.org> wrote: > The following bug has been logged on the website: > > Bug reference: 17511 > Logged by: Kirk Parker > Email address: khp@equatoria.us > PostgreSQL version: 13.7 > Operating system: AWS Linux 2 -- 4.14.276-211.499.amzn2.x86_64 > Description: > [...] > The table at issue is constraint_column_usage--the ordinary role 'apache' > does not have SELECT rights to that table, though it does to the other two > catalog tables used by this query. > > Yes, there's an easy workaround by just GRANTing SELECT on that table to > 'apache', but it seems like an odd inconsistency. Interestingly, the same > limitation does not apply to pg_catalog.pg_get_constraintdef(), which is > used by psql's \dt command, but that query does not produce the local > column > name as a separate result column (which is more useful for my immediate > purpose here.) > Haven't tried to duplicate but I'm not following. information_schema provides a view of the database that is filtered by user permissions. pg_catalog does not take into consideration permissions. This would be on the contents. All users can select from either without getting a permission denied error. David J.