subject:"\[HACKERS\] Query regarding permission on table_column%type access"

Re: [HACKERS] Query regarding permission on table_column%type access

2017-10-31 Thread Tom Lane

Stephen Frost writes: > * Neha Sharma (neha.sha...@enterprisedb.com) wrote: >> I have observed that even if the user does not have permission on a >> table(created in by some other user),the function parameter still can have >> a parameter of that table_column%type. > This is

Re: [HACKERS] Query regarding permission on table_column%type access

2017-10-31 Thread Stephen Frost

Greetings, * Neha Sharma (neha.sha...@enterprisedb.com) wrote: > I have observed that even if the user does not have permission on a > table(created in by some other user),the function parameter still can have > a parameter of that table_column%type. This is because the creation of the table

[HACKERS] Query regarding permission on table_column%type access

2017-10-31 Thread Neha Sharma

Hi, I have observed that even if the user does not have permission on a table(created in by some other user),the function parameter still can have a parameter of that table_column%type. Scenario: postgres=# create user u1 with login ; CREATE ROLE postgres=# create user u2 with login ; CREATE