Fabien COELHO wrote: > > Dear Bruce, > > > > > Well, if I issue a "REVOKE" and the rights are not revoked and could never > > > > have been because I have no right to issue such statement on the object, I > > > > tend to call this deep absence of success a "failure". > > > > > > > If I do the very opposite GRANT, I have a clear "permission denied". > > > > > > Oh, I thought you were complaining that revoking rights not previously > > > granted should be an error. I agree with the above; in fact it's a > > > duplicate of a previous complaint. > > > > Did we resolve this? Is it a TODO? > > No? No? > > There has been a lot of off-line discussion about how to interpret the > standard on this point. I'm not even sure we perfectly agreed in the end, > although our understanding of the issues improved a lot through the > discussion. As a summary, it is pretty subtle, especially as the standard > wording is contrived, and postgres does not do what should be done in a > lot of cases. There are also actual "security" bugs. > > For the TODO, I would suggest something general: > > - fix grant/revoke wrt SQL standard, validate errors, warnings and successes.
Tom, is this done? -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
