Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sql: only connect privilege should be checked to see if a user can see a descriptor (for vtables) #59827

Open
RichardJCai opened this issue Feb 4, 2021 · 2 comments
Open

sql: only connect privilege should be checked to see if a user can see a descriptor (for vtables) #59827

RichardJCai opened this issue Feb 4, 2021 · 2 comments
Labels
A-sql-privileges SQL privilege handling and permission checks. C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) T-sql-foundations SQL Foundations Team (formerly SQL Schema + SQL Sessions)
Projects
SQL Sessions - Deprecated

Comments

@RichardJCai
Copy link
Contributor

RichardJCai commented Feb 4, 2021
edited by cockroach-jira-scripts

CONNECT privilege is being added in this PR: #59676

However we still will check if the user has ANY privilege in userCanSeeDescriptor to determine if they can see the descriptor.

canSeeDescriptor := p.CheckAnyPrivilege(ctx, desc) == nil

We may want to deprecate this behaviour of allowing the object in vtables (pg_catalog/information_schema) to be seen if the user has any privilege on the descriptor and only allow users to see the object if they have connect privilege on the database.

Jira issue: CRDB-3226
@RichardJCai RichardJCai added C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) A-sql-privileges SQL privilege handling and permission checks. labels Feb 4, 2021
@RichardJCai RichardJCai added this to Triage in SQL Sessions - Deprecated via automation Feb 4, 2021
@rafiss rafiss mentioned this issue Feb 12, 2021
Closed
@rafiss
Copy link
Collaborator

rafiss commented Feb 23, 2021
edited

One corollary to this is that we would need to do a privilege migration so that existing users who have other privileges would automatically receive the CONNECT privilege.

We won't get to this as single item -- it would be part of a larger rethink of privilege refactor.

@rafiss rafiss moved this from Triage to Longer term backlog in SQL Sessions - Deprecated Feb 23, 2021
@rafiss rafiss added the T-sql-foundations SQL Foundations Team (formerly SQL Schema + SQL Sessions) label May 12, 2021
@github-actions
Copy link

github-actions bot commented Sep 5, 2023

We have marked this issue as stale because it has been inactive for
18 months. If this issue is still relevant, removing the stale label
or adding a comment will keep it active. Otherwise, we'll close it in
10 days to keep the issue queue tidy. Thank you for your contribution
to CockroachDB!

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Sep 18, 2023
@rafiss rafiss reopened this Sep 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-sql-privileges SQL privilege handling and permission checks. C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) T-sql-foundations SQL Foundations Team (formerly SQL Schema + SQL Sessions)
Projects
No open projects
SQL Sessions - Deprecated
Longer term backlog
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rafiss @RichardJCai