On Tue, May 12, 2009 at 12:10, Alex Hunsaker <bada...@gmail.com> wrote: > On Mon, May 11, 2009 at 21:18, Tom Lane <t...@sss.pgh.pa.us> wrote: > >> However, he can do that anyway via ALTER TABLE, which >> will happily take out AccessExclusiveLock before it checks any >> permissions. So I'm not seeing the point of risking unsafe behavior >> in LOCK TABLE. > > I would rather fix ALTER TABLE to do something similar to test and > test-and-set... From a quick look TRUNCATE also seems to be prone to > this.
Arg ok so TRUNCATE was a bad example because it checks ACL_TRUNCATE. Hrm on second thought I think your right. They only get the lock until the permission check, and I have a hard time seeing how someone can take real advantage of that. The owner that is trying to lock table should get the lock almost immediately even if there are say a few hundred non-owner clients trying to lock it. So +1 for fixing the LOCK TABLE. Is ALTER TABLE RENAME at risk at well? It calls CheckRelationOwnership before it grabs an AccessExclusiveLock. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
