On Fri, Nov 26, 2010 at 7:11 PM, Robert Haas <robertmh...@gmail.com> wrote: > I'm not totally convinced that this is the correct behavior. It seems > a bit surprising that UPDATE privilege on a single column is enough to > lock out all SELECT activity from the table. It's actually a bit > surprising that even full-table UPDATE privileges are enough to do > this, but this change would allow people to block access to data they > can neither see nor modify. That seems counterintuitive, if not a > security hole.
The way I see it, it's a Good Thing to encourage people to assign UPDATE privileges on tables only as minimally as possible. The damage that a poorly coded or malicious user can do with LOCK TABLE privileges is insignificant next to the damage they can do with more UPDATE privileges than they really need. Right now, we're basically encouraging admins to grant full-table update privileges when that's not really necessary. If, in the future, Postgres supports the ability to LOCK TABLE only on specific columns, I think we could refine this permissions check so that column-level update privileges only allowed the user to lock those columns. But I think this patch is a step in the right direction. Josh -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
