On 2021-06-08 11:49, Michael Paquier wrote:
On Sun, Jun 06, 2021 at 11:13:40AM -0400, Tom Lane wrote:
Julien Rouhaud <rjuju...@gmail.com> writes:
However +1 for the patch, as it seems more consistent to always get a
permission failure if you're not a superuser.
Yeah, it's just weird if such a check is not the first thing
in the function. Even if you can convince yourself that the
actions taken before that don't create any security issue today,
it's not hard to imagine that innocent future code rearrangements
could break that argument. What's the value of postponing the
check anyway?
Thanks for the input, I have applied the patch.
Thanks for your modification!
BTW, I did the same thing in another patch I'm proposing[1], so I'll fix
that as well.
[1]
https://www.postgresql.org/message-id/c6682a25f3f0e9bd520707342219eac5%40oss.nttdata.com
Regards,
--
Atsushi Torikoshi
NTT DATA CORPORATION
