Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1v8hWu-001lRI-Pz for pgsql-hackers@arkaria.postgresql.org; Tue, 14 Oct 2025 16:05:40 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1v8hWt-001IUh-EU for pgsql-hackers@arkaria.postgresql.org; Tue, 14 Oct 2025 16:05:38 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1v8hWt-001IUY-4n for pgsql-hackers@lists.postgresql.org; Tue, 14 Oct 2025 16:05:38 +0000 Received: from mail-io1-xd35.google.com ([2607:f8b0:4864:20::d35]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from ) id 1v8hWq-001k7A-0p for pgsql-hackers@postgresql.org; Tue, 14 Oct 2025 16:05:36 +0000 Received: by mail-io1-xd35.google.com with SMTP id ca18e2360f4ac-92c4adc8bfeso487197639f.0 for ; Tue, 14 Oct 2025 09:05:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1760457935; x=1761062735; darn=postgresql.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=QsmFoFBb1hTk3gXPUlzSDSSJQ3tTqQK0Gr2s5WbaUP4=; b=ECB1wXk7moR+pTVrOTSTDSvcaIJyFYnAju1muK1CxoAgIJ3aFi2TkdSh5uaIptavO4 j/dyW1AfNMy4V0kbQMNaQ8vuICtaeSUYb6y5/FE+jppgDuSciYi2yPudrVzSINtG7dk0 IvVGdA2LPwIuU2Wf5xSKJkUclQNFLJ3ojHP1AKx3auw4l4cnrvCqWB8zxbyxVC8C3h6x XZ83GntgX8HjptlJA1ntc09tB9USBRwaIaXoFUOmjkEMNsCyh5fV6OZJtn68JtjAIDim gP8b4bWY079k5qC94GTPPuG7xmpy21BDFETuNpvPSHEgxJWKRtDJgojajlgEnd0wcunc ddMA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1760457935; x=1761062735; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=QsmFoFBb1hTk3gXPUlzSDSSJQ3tTqQK0Gr2s5WbaUP4=; b=qT67x5t+3JaJy4ADvkvvUjgp8+YPBF0awpbYOmfVKoRfILnsff/MBcXuI/fg5Nr5VR utP6w2Fs8smixzQIWEq9oVman5e0rk4m0yorNnQR0QrFYqV/8lFCRuMG0ur7jFWq/7jq tN5U6PwsNGNe83apslIRrqZJDvdq8gQoXQsc3V7DXEBso/VFcb50Kog+1rWmZFGGOrU5 tsFUgAW3EMzG5CVKV8j7iKChylrFdDwgKJhQY8csr/okxTOxOj/zEGi4SruGBxAYfMlx qHT6gNBAv062Z5tvJ+RnJ0u4rp/zG3C1Mu0Fm7jcW1/E25Umf079dvgrIhL9gNxqSka7 aZcg== X-Forwarded-Encrypted: i=1; AJvYcCU9PPFh5+/L/HDM/LD/2c8jtuLy0751i7SiLsK0WvOBdfXklXJ/ARrK7eS/T28ofOQf/aPjeIdNRU9mSUJQ@postgresql.org X-Gm-Message-State: AOJu0Yw0KFOJW22rgpJWL6Dk5Ma5XVTXT0XKcFhBkvv2pgq16T5z890+ 0GfqOe/NZyHHBykRv1NnTGlKnL9FdVyNs6ymNRDYmBxSvMxgpOOEsogB1CQUFA== X-Gm-Gg: ASbGnctrYJcGL2v+4N8UBypR+eDrmeZg0RDFbsq5WBz3z8ZNVoMcXGUFTFB2Fj0Fx8z a+Fo8u1lwHv2abrB4RLBHigVHvqhXtmq2cj/mOrYpXTN7/ZHg0MzIJR1ji6w1L49QcpD7z2tQn1 42itoYeAGnDylQuoUKBVGS2HrAmqQnV4cuWmtr15lVUlHEVuaAkO32G8mAo1Sb9Htd0mccsy0Pn qOgLZMGbecpaqFEL1X3M6v0YnZTxEQ0pZXhY1t8YjYl0blBgdGtcDcVKUuKWc1RaE1RCy4gU/nY 2Lp18Wf+V5cEm89BsRv5nMIpoEp9ilBxYp7JRQ3acm+YMFRTpclKLraNQKdlnorAK9W8jk2Nmf3 BJrjiP7jqYigfIPPXE4kVDsV83HLfe7JtO2BtEcKcX4W13gThk/cK+v8SttMPzxTvL5CBBrNW5H gqmwQR1+LmKUvTGyLa/mhRnKWVU59EBiKKsC8VxnN9vw== X-Google-Smtp-Source: AGHT+IEFy7gmgmecdtnnVMuRMQix1GYLZ9Bj73jKyVaZ+0koKnBDQ3bfIRrjAHDaFsGQwepgv/qxUQ== X-Received: by 2002:a05:6e02:1486:b0:42f:9bb5:1c4a with SMTP id e9e14a558f8ab-42f9bb5213amr200669515ab.27.1760457935311; Tue, 14 Oct 2025 09:05:35 -0700 (PDT) Received: from nathan (162-195-168-172.lightspeed.stlsmo.sbcglobal.net. [162.195.168.172]) by smtp.gmail.com with ESMTPSA id e9e14a558f8ab-42f90342350sm63559855ab.25.2025.10.14.09.05.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 14 Oct 2025 09:05:34 -0700 (PDT) Date: Tue, 14 Oct 2025 11:05:32 -0500 From: Nathan Bossart To: Jeff Davis Cc: Corey Huinker , Tom Lane , Ayush Vatsa , Robert Haas , "David G. Johnston" , PostgreSQL Hackers Subject: Re: Clarification on Role Access Rights to Table Indexes Message-ID: References: <3432170.1758730414@sss.pgh.pa.us> <8af53c6e8992aa706e63aafe60a3bcf100b524d1.camel@j-davis.com> <7b0e2774cdcc8f522ac82f64a8d7266f353a5094.camel@j-davis.com> <31a67adbb10b85ff7cddeafe75b9f6505c902e57.camel@j-davis.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk Thanks for reviewing. On Mon, Oct 13, 2025 at 07:23:36PM -0700, Jeff Davis wrote: > The unlikely scenarios are a bit confusing. I'd probably error for > either case. Also, the error message on the second scenario is wrong if > the previous lookup was a table, I think. Yeah, I think that's a better idea. > IIUC this is locking before the privilege check. Is there a reason why > we think this is OK here (and in amcheck_lock_relation_and_check()) but > not for the stats? For amcheck, AFAICT there aren't actually any ACL checks within the code because the function is restricted to superuser by default. For pg_prewarm, I don't know. You do have to install the extension before using it, but once installed, it's available to everyone by default. My guess is that it just hasn't been a problem in the field. Regardless, fixing the lock-before-privilege-checks behavior doesn't strike me as a bug, so I think we ought to proceed with something like 0003 for back-patching purposes and then to rework it further for v19. Does that sound okay to you? >> * 0004 is a small patch to teach dblink to use >> RangeVarGetRelidExtended(). I believe this code predates that >> function.  I don't intend to back-patch this one. > > Looks good. I'm going to go commit this one now to get it out of the way. -- nathan