Re: Re: Re: Revoke Connect Privilege from Database not working
Nathan Bossart <nathandbossart@gmail.com>
From: Nathan Bossart <nathandbossart@gmail.com>
To: "David G. Johnston" <david.g.johnston@gmail.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, "Ing. Marijo Kristo" <marijo.kristo@icloud.com>, PostgreSQL Bug List <pgsql-bugs@lists.postgresql.org>
Date: 2025-11-13T16:47:14Z
Lists: pgsql-bugs
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Allow choosing specific grantors via GRANT/REVOKE ... GRANTED BY.
- dd1398f13787 19 (unreleased) landed
Attachments
- v1-0001-GRANTED-BY.patch (text/plain)
On Mon, Apr 07, 2025 at 09:22:45AM -0700, David G. Johnston wrote: > On Mon, Apr 7, 2025 at 9:06 AM Tom Lane <tgl@sss.pgh.pa.us> wrote: >> I believe what's going on there is explained by the rule that >> "grants and revokes done by a superuser are done as if issued >> by the object owner". So here, what would be revoked is >> test_user=c/postgres, which isn't the privilege at issue. >> Include GRANTED BY in the REVOKE to override the default >> choice of grantor. > > The command in question did include "granted by" which is why this is a > bug. The explicit granted by specification is being ignored if the > invoking user is a superuser. This is admittedly a half-formed idea, but perhaps we could have whatever's specified in GRANTED BY override select_best_grantor(), like in the attached patch. I've no idea if this is the intention of the standard, but it should at least address the reported issue. FWIW I recently received an independent report about the same thing. -- nathan