]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d17cf76) | patch
Fix cascading privilege revoke to notice when privileges are still held.
authorTom Lane <tgl@sss.pgh.pa.us>
Thu, 23 Aug 2012 21:25:28 +0000 (17:25 -0400)
committerTom Lane <tgl@sss.pgh.pa.us>
Thu, 23 Aug 2012 21:25:28 +0000 (17:25 -0400)
commitbf3b85c6bed2e6b2c104c21d18e78bdb3bcdfb06
tree8c4121739dc093f1002d5776a099bf3ac32cafeetree | snapshot
parentd17cf76bed16029bc930fbf4094d8e8112e22aa7commit | diff
Fix cascading privilege revoke to notice when privileges are still held.

If we revoke a grant option from some role X, but X still holds the option
via another grant, we should not recursively revoke the privilege from
role(s) Y that X had granted it to.  This was supposedly fixed as one
aspect of commit 4b2dafcc0b1a579ef5daaa2728223006d1ff98e9, but I must not
have tested it, because in fact that code never worked: it forgot to shift
the grant-option bits back over when masking the bits being revoked.

Per bug #6728 from Daniel German.  Back-patch to all active branches,
since this has been wrong since 8.0.
src/backend/utils/adt/acl.c diff | blob | history
src/test/regress/expected/privileges.out diff | blob | history
src/test/regress/sql/privileges.sql diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.