Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1tkS9B-00467K-8t
	for pgsql-hackers@arkaria.postgresql.org; Tue, 18 Feb 2025 18:16:41 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1tkS99-00CuHi-R2
	for pgsql-hackers@arkaria.postgresql.org; Tue, 18 Feb 2025 18:16:39 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <robertmhaas@gmail.com>)
	id 1tkS99-00CuHa-H7
	for pgsql-hackers@lists.postgresql.org; Tue, 18 Feb 2025 18:16:39 +0000
Received: from mail-ed1-x52c.google.com ([2a00:1450:4864:20::52c])
	by magus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <robertmhaas@gmail.com>)
	id 1tkS97-001bjF-0K
	for pgsql-hackers@postgresql.org;
	Tue, 18 Feb 2025 18:16:39 +0000
Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-5e0505275b7so4652665a12.3
        for <pgsql-hackers@postgresql.org>; Tue, 18 Feb 2025 10:16:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1739902596; x=1740507396; darn=postgresql.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=DQmV1Jrb3skDMgub/rV14PPDsXRWVx/SXd/mH3i/V9Y=;
        b=jpnsgPe2pNGXtTfWfE7gKyKsQW9b4nP39FzVBALzO9MrMYdmZjUrLA+qoG8x2Um6J1
         iW7mkcqvOo1PBqDrgj7CAktOksnO7iInk6rrl/0Se50E3r02TCxLnMEG/zCnlnVEvRwa
         9uH7dfRMnIC808SHGRhAMYrWyW5aBPYfqQ3h2xPrH1pK7gXcGebFP9zwbYvQpD9+3qNi
         KfB1STwbGz75fFsZA0e3sPLAgwmCk3uGh0WxGZofVnM3PbkzmYY6Ff0bDz1uf9GJW/pz
         CHGyMN+dETWrIlmFi/8ROSrwv3t8GN4LMNUF6CLJHSpHyRhfnGERmqFWfCFtPEfr79fI
         8BtA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1739902596; x=1740507396;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=DQmV1Jrb3skDMgub/rV14PPDsXRWVx/SXd/mH3i/V9Y=;
        b=CXyhFeBY0JkGlb1cSnuAI9UrZ7GxnxwNZIYDzrq17RnI+K9bbnsWky69umMWMthj0o
         bHlTO7UNlgI+9ZNTZkFPCi8XQxciBUAZoL3zyYsnF2XZ24rEelam0eHxCNqh4uOgltIk
         vv83Yv/chc0s2N4UKPA/0XoyKUWJa08ELj10Hl1ihlyC96T98HuSI9oIoe2zWeWL/fio
         aFY+gxpwbs74i0Xz0Z9JfVODUxTtSfo/xY6BDFIfM7IY0CB5OHYLH4U65Tre5j78KgL9
         bCeNXD4qbvkq7nRriljTzkmMtRb+XJob0A6sz3aZS7YxbCFfLyExVXG/a+OaAkLxvO7E
         OmwA==
X-Forwarded-Encrypted: i=1; AJvYcCWik7QzNzOKbY6MRw/zTrNWEWp0MVO27Uu6epffLITtyOlvchsGh3+YHr8wZvXukjyjQWX1/z6tWT5U6Y2S@postgresql.org
X-Gm-Message-State: AOJu0YwFeQJ5aytY+v/dLJ2OlM/8NUuRBjNLXT8eaS0D6xF/9JwXeayB
	BamcNAuN7eBGbW44iNBiQym1CdvN9w6tilkriSU0KFQnLZCPn0306I25wHyibMBKrFJr4wpAEdd
	+zl8MtNNDMkMo7IY0By8ZoA2skXI=
X-Gm-Gg: ASbGncusn/1nuDWeUAcKhCBo3UAu3up4tjVsJzPICdr3602GFfVKzeBayHOR2VAQquS
	MfS+o5DquRkZDNiybIbcn7LLouai8i7UT4cRG4NXIO+tKu+Jp2XXljgisBnCCBFvwur74gCtp
X-Google-Smtp-Source: AGHT+IFmXuYj+FS1RM/CQzVsE8n+swHqj1VpPCzptuIDO08GXhd6eQAyKoHh9yA6r8mq0scgtAYLFU4AeQP8Sx7YSDY=
X-Received: by 2002:a17:907:7eaa:b0:ab3:76fb:96ab with SMTP id
 a640c23a62f3a-abbcd113d0fmr57170966b.57.1739902595528; Tue, 18 Feb 2025
 10:16:35 -0800 (PST)
MIME-Version: 1.0
References: <CACX+KaMz2ZoOojh0nQ6QNBYx8Ak1Dkoko=D4FSb80BYW+o8CHQ@mail.gmail.com>
 <855988.1739816850@sss.pgh.pa.us> <CAKFQuwZ+EsCJHmBVdHeJ2XUWUBSGtN8k2icrX2hrPR=m7sLNGg@mail.gmail.com>
 <861660.1739819589@sss.pgh.pa.us> <CACX+KaMiZaFWVxYzZ_Lw-EBKgiO5GEBHmHREqs=GDpM88hRqdw@mail.gmail.com>
 <908583.1739822263@sss.pgh.pa.us> <CA+TgmobSc_x6thvXZvHoni5Gs5-wsxyTRiOMKoeuX5br0PCtDA@mail.gmail.com>
 <CACX+KaPv4apqG3=Ef+FB9nn4C4cd6Z+604ej0PPOHKExH45u2A@mail.gmail.com>
 <934709.1739829723@sss.pgh.pa.us> <CAKFQuwZThU_Z-Zw+3mr+ecp1BVOw777dp3nXU5-wTVk3kS10gw@mail.gmail.com>
 <CA+TgmoZG71zBpLOfCGZqGhtp=88z6=YYhi54TEsCtKr3v+UpoA@mail.gmail.com>
 <1243984.1739894558@sss.pgh.pa.us> <CA+Tgmob_W0iq9Kuugra3WYTO2429RMJ_+HkVukrXWOUN81QiEw@mail.gmail.com>
 <1246906.1739896202@sss.pgh.pa.us>
In-Reply-To: <1246906.1739896202@sss.pgh.pa.us>
From: Robert Haas <robertmhaas@gmail.com>
Date: Tue, 18 Feb 2025 13:16:24 -0500
X-Gm-Features: AWEUYZkjavwnydUQ04ZFLnye2ZPJ-QJ8YttG6BnImhwQzQPmg95RMcQT94VzHZA
Message-ID: <CA+TgmoZYM2az+yCWu5DBnV50N_BE9f1r8-Doy6-tZTySeb-s+A@mail.gmail.com>
Subject: Re: Clarification on Role Access Rights to Table Indexes
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: "David G. Johnston" <david.g.johnston@gmail.com>, Ayush Vatsa <ayushvatsa1810@gmail.com>, 
	PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: <https://www.postgresql.org/message-id/CA%2BTgmoZYM2az%2ByCWu5DBnV50N_BE9f1r8-Doy6-tZTySeb-s%2BA%40mail.gmail.com>
Precedence: bulk

On Tue, Feb 18, 2025 at 11:30=E2=80=AFAM Tom Lane <tgl@sss.pgh.pa.us> wrote=
:
> I have no objection to it, but I wasn't as entirely convinced
> as you are that it's the only plausible answer.

Hmm, OK.

> One specific thing I'm slightly worried about is that a naive
> implementation would probably cause this function to lock the
> table after the index, risking deadlock against queries that
> take the locks in the more conventional order.  I don't recall
> what if anything we've done about that in other places
> (-ENOCAFFEINE).

Yeah, that seems like a good thing to worry about from an
implementation point of view but it doesn't seem like a reason to
question the basic design choice. In general, if you can use a table,
you also get to use its indexes, so that interpretation seems natural
to me here, also. Now, if somebody finds a problem with requiring only
SELECT permission, I could see changing the requirements for both
tables and indexes, but I find it harder to imagine that we'd want
those things to work differently from each other. Of course I'm
willing to be convinced that there's a good reason for them to be
different; I just can't currently imagine what it might be.

--=20
Robert Haas
EDB: http://www.enterprisedb.com