From: Tom Lane
To: Ayush Vatsa
cc: "David G. Johnston", PostgreSQL Hackers
Subject: Re: Clarification on Role Access Rights to Table Indexes
References: <855988.1739816850@sss.pgh.pa.us> <861660.1739819589@sss.pgh.pa.us>
Comments: In-reply-to Ayush Vatsa message dated "Tue, 18 Feb 2025 01:12:44 +0530"
Date: Mon, 17 Feb 2025 14:57:43 -0500
Message-ID: <908583.1739822263@sss.pgh.pa.us>

Ayush Vatsa writes:
>> As it stands, a superuser can prewarm an index (because she bypasses all
>> privilege checks including this one), but nobody else can.

> That's not fully true. Any role can prewarm an index if the role has the
> correct privileges.

Ah, right. An index will have null pg_class.relacl, which'll be
interpreted as "owner has all rights", so it will work for the
table owner too. Likely this explains the lack of prior complaints.
It's still a poor design IMO.

regards, tom lane
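Added example, not part of the message above and not PostgreSQL project code: a scratch-database session for auditing how a null pg_class.relacl on an index resolves for the owner versus another role. The role and object names (demo_owner, demo_other, demo_t, demo_t_idx) are constructed, and using the built-in has_table_privilege() and acldefault() functions as a stand-in for the privilege check discussed in the thread is an assumption.

```sql
-- Constructed objects for illustration; run as a superuser on a scratch database.
CREATE ROLE demo_owner;
CREATE ROLE demo_other;

CREATE TABLE demo_t (id int);
ALTER TABLE demo_t OWNER TO demo_owner;
CREATE INDEX demo_t_idx ON demo_t (id);

-- A table-level grant to a non-owner, to compare against the index below.
GRANT SELECT ON demo_t TO demo_other;

-- Inspect the stored ACLs: the table now has an explicit relacl,
-- while the index row keeps whatever it was created with.
SELECT c.relname,
       c.relkind,
       c.relowner::regrole AS owner,
       c.relacl
FROM pg_class c
WHERE c.relname IN ('demo_t', 'demo_t_idx')
ORDER BY c.relname;

-- What a null relacl stands for: the built-in default ACL for the owner.
-- acldefault('r', ...) returns the default for relations.
SELECT c.relname,
       acldefault('r', c.relowner) AS acl_used_when_relacl_is_null
FROM pg_class c
WHERE c.relname = 'demo_t_idx';

-- Evaluate SELECT privilege against each relation's own pg_class row,
-- for the owner and for the role that only holds a grant on the table.
SELECT v.role_name,
       has_table_privilege(v.role_name::name,
                           'demo_t'::regclass::oid,
                           'SELECT') AS select_on_table,
       has_table_privilege(v.role_name::name,
                           'demo_t_idx'::regclass::oid,
                           'SELECT') AS select_on_index
FROM (VALUES ('demo_owner'), ('demo_other')) AS v(role_name);

-- Clean up the constructed objects.
DROP TABLE demo_t;
DROP ROLE demo_owner;
DROP ROLE demo_other;
```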