Mikhail Gribkov <youzh...@gmail.com> writes:
> What do you think?
I think this will break cases we don't want to break.
Accessing the metadata of other temp tables is fine, and indeed
necessary for operations like dropping them. It's access to
the table contents that needs to be blocked. I'm surprised
that we don't have sufficient tests at that level.
[ experiments... ] It looks like this did work as expected up
through v15. So somebody broke it fairly recently, perhaps
as a side effect of the table-AM work. Might be worth bisecting
to see where it broke.
(Realistically though, this is all only a problem for superusers,
who are supposed to Know Better. For ordinary users the permissions
set on temp schemas ought to be enough to prevent such things.)
regards, tom lane
