any user can access pg_catalog by default #11282
handled both 1) and 2). Regarding 2), there are 17 tables under pg_catalog schema, where 5 will reflect on users' creations and the rest 12 are either empty or fixed tables. The 5 are pg_class, pg_proc, pg_namespace, pg_attribute, and pg_constraint where each has its own privileged access test now.
it would be better if I handle the remainder of #11111 (sys schema) and information_schema if necessary separately.
Looks good 👍
Left some minor comments.
server/src/main/java/io/crate/metadata/pgcatalog/PgCatalogTableDefinitions.java
Thank you @mfussenegger. I have applied all your suggestions. I have created Also, made a few fixups. Although blob support will be dropped, I kept the blob-related code for now so it can be handled all together.
👍
Hello Jordi, @mfussenegger @seut To briefly explain with an example, if a new user performs In my opinion, one way to handle this is by backing out this PR except for the part that handles the login issue. Then it would be consistent with how information_schema is protected in CrateDB. Another option could be to allow default access to pg_catalog and information_schema (and block sys), which is the behaviour of Postgres.
To clarify: You mean that users see entries related to the
I'd opt for the latter option, which was what #11111 outlined. So I think a follow-up that replaces the To make things consistent we should probably later on (separately) also make some changes to how the
Yes, users still cannot access I will make the changes and then open an issue to track
Summary of the changes / Why this improves CrateDB
This will allow the user to access generic system data from the pg_catalog schema, and only the data that the user has the privileges for. E.g., from a fresh cluster, the superuser can see 71 rows from the pg_class table. A new user should be able to see them as well without any privileges granted.
1) Allow all users to access pg_catalog to handle the observations below.
   Original behaviours on different clients:
   - crash
   - pgcli (cannot log on since it tries to access pg_catalog.pg_settings while logging in)
2) Protect any rows that users do not have permissions for.
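The two rules in the summary above, modelled as an added example (not code from the CrateDB repository): the pg_catalog schema is open to every user, and rows are filtered by what that user may read. The record types, the grant model and the sample catalog are assumptions made for illustration. The example also goes one step beyond the summary by applying the rule to pg_attribute, so a hidden table's columns stay hidden too.

```java
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;

// Added illustration, not CrateDB code. Types, method names and the grant model are hypothetical.
public class PgCatalogVisibility {

    // Simplified pg_class row; `system` marks the generic rows present on a fresh cluster.
    record PgClass(int oid, String schema, String relname, boolean system) {}

    // Simplified pg_attribute row; attrelid points at pg_class.oid.
    record PgAttribute(int attrelid, String attname) {}

    // Assumption: a privilege is a grant on a schema ("doc") or on a table ("doc.payroll").
    record User(String name, boolean superuser, Set<String> grants) {
        boolean mayRead(PgClass rel) {
            return superuser || rel.system()
                || grants.contains(rel.schema())
                || grants.contains(rel.schema() + "." + rel.relname());
        }
    }

    // Rule 1: no privilege check on the pg_catalog schema itself. Rule 2: filter row by row.
    static List<PgClass> pgClass(User user, List<PgClass> all) {
        return all.stream().filter(user::mayRead).toList();
    }

    // Column rows follow their relation, so a hidden table cannot be rebuilt from pg_attribute.
    static List<PgAttribute> pgAttribute(User user, List<PgClass> rels, List<PgAttribute> all) {
        Set<Integer> visible = pgClass(user, rels).stream().map(PgClass::oid).collect(Collectors.toSet());
        return all.stream().filter(a -> visible.contains(a.attrelid())).toList();
    }

    public static void main(String[] args) {
        // Constructed sample catalog: two system relations and one user table.
        List<PgClass> rels = List.of(
            new PgClass(1, "pg_catalog", "pg_class", true),
            new PgClass(2, "pg_catalog", "pg_settings", true),
            new PgClass(3, "doc", "payroll", false));
        List<PgAttribute> cols = List.of(
            new PgAttribute(1, "relname"), new PgAttribute(2, "name"),
            new PgAttribute(3, "employee"), new PgAttribute(3, "salary"));
        List<User> users = List.of(
            new User("crate", true, Set.of()),
            new User("fresh", false, Set.of()),
            new User("analyst", false, Set.of("doc.payroll")));
        for (User u : users) {
            System.out.printf("%-8s pg_class=%d pg_attribute=%d%n", u.name(),
                pgClass(u, rels).size(), pgAttribute(u, rels, cols).size());
        }
    }
}
```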