Now, why does Florian see a permissions failure (which is really the *right* behavior) when we don't? He didn't say exactly which PG version he was running, but I see a likely-related bug fix between 7.3.2 and 7.3.3:
That seems to be it:
# psql regression Welcome to psql 7.3.2, the PostgreSQL interactive terminal.
Type: \copyright for distribution terms
\h for help with SQL commands
\? for help on internal slash commands
\g or terminate with semicolon to execute query
\q to quitregression=# \c template1 You are now connected to database template1. template1=# create user testuser password 'pw' nocreatedb nocreateuser; CREATE USER template1=# create database testdb owner testuser encoding 'utf-8'; CREATE DATABASE template1=# \c testdb testuser You are now connected to database testdb as user testuser. testdb=> update pg_settings set setting='public' where name='search_path' ; ERROR: pg_settings: permission denied
This fix may need to be rethought. I'm not sure though where is a clean place to plug in the UPDATE permissions check given that the rules for this case do not generate any UPDATE query.
Do you want me to take a look at this, or are you planning to?
Joe
---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faqs/FAQ.html
