> On Mar 25, 2024, at 07:20, Daniel Gustafsson wrote:
>
>> On 25 Mar 2024, at 15:09, Tom Lane wrote:
>
>> My initial reaction is that we should warn only when the command
>> is a complete no-op, that is none of the mentioned privileges
>> matched.
>
> That's my gut reaction too,
I think t
> On 25 Mar 2024, at 15:09, Tom Lane wrote:
> My initial reaction is that we should warn only when the command
> is a complete no-op, that is none of the mentioned privileges
> matched.
That's my gut reaction too,
--
Daniel Gustafsson
Christophe Pettus writes:
> Right now, if you do a REVOKE that doesn't actually revoke anything, it works
> silently. This can be a bit of a foot-gun. For example:
> CREATE FUNCTION f() RETURNS int as $$ SELECT 1; $$ LANGUAGE sql;
> REVOKE EXECUTE ON FUNCTION f() FROM lowpriv;
> Na
> On 25 Mar 2024, at 14:54, Christophe Pettus wrote:
>
> Right now, if you do a REVOKE that doesn't actually revoke anything, it works
> silently. This can be a bit of a foot-gun. For example:
>
> CREATE FUNCTION f() RETURNS int as $$ SELECT 1; $$ LANGUAGE sql;
> REVOKE EXECUTE ON
Right now, if you do a REVOKE that doesn't actually revoke anything, it works
silently. This can be a bit of a foot-gun. For example:
CREATE FUNCTION f() RETURNS int as $$ SELECT 1; $$ LANGUAGE sql;
REVOKE EXECUTE ON FUNCTION f() FROM lowpriv;
Naively, it might be expected that
