"Kevin Grittner" <kevin.gritt...@wicourts.gov> writes:
> Tom Lane wrote:
>> More to the point, a GUC rollback transition *has to always
>> succeed*. Period.
> [ counterexample showing we should sometimes disallow "RESET" ]
This actually isn't what I was talking about: a RESET statement is a
commanded adoption of a new value that happens to be gotten off the
stack, and there's not a lot of logical difficulty in letting it fail.
What I was concerned about was the case where GUC is trying to
re-establish an old value during transaction rollback. For example,
assume we are superuser to start with, and we do
begin;
set role unprivileged_user;
...
rollback;
The rollback needs to transition the role setting back to superuser.
A check based purely on allowed transitions would disallow that, since
it's not visibly different from the unprivileged_user trying to make
himself superuser. You have to take the context of the state change
into account.
And yeah, I agree it's a bug that you can do what Kevin's example shows.
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
