author: Robert Haas <rhaas@postgresql.org> 2013-04-05 08:51:31 -0400
committer: Robert Haas <rhaas@postgresql.org> 2013-04-05 08:51:31 -0400
commit: e965e6344cfaff0708a032721b56f61eea777bc5
tree: 51f5e7f7c97fd7a27779407663130fcc29978022 /doc/src
parent: 52f436b807b0d02203ea6be19bafa56e4e1381e8
sepgsql: Enforce db_schema:search permission.
KaiGai Kohei, with comment and doc wordsmithing by me
Diffstat (limited to 'doc/src')
-rw-r--r-- doc/src/sgml/sepgsql.sgml 10
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/src/sgml/sepgsql.sgml b/doc/src/sgml/sepgsql.sgml
index da0915bff3a..0a2ee86a111 100644
--- a/doc/src/sgml/sepgsql.sgml
+++ b/doc/src/sgml/sepgsql.sgml
@@ -398,6 +398,16 @@ UPDATE t1 SET x = 2, y = md5sum(y) WHERE z = 100;
</para>
<para>
+ In order to access any schema object, <literal>db_schema:search</>
+ permission is required on the containing schema. When an object is
+ referenced without schema qualification, schemas on which this
+ permission is not present will not be searched (just as if the user did
+ not have <literal>USAGE</> privilege on the schema). If an explicit schema
+ qualification is present, an error will occur if the user does not have
+ the requisite permission on the named schema.
+ </para>
+
+ <para>
The client must be allowed to access all referenced tables and
columns, even if they originated from views which were then expanded,
so that we apply consistent access control rules independent of the manner
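Review bot: The sentence on unqualified references in the added paragraph ("schemas on which this permission is not present will not be searched") should say what happens next: the lookup continues through the remaining schemas, so a name can resolve to a different object of the same name without any error. That outcome is easy to miss for an administrator writing policy, and one more sentence stating it, plus a recommendation to schema-qualify names where the exact target matters, would make the contrast with the explicit-qualification case (which fails with an error) clearer. It would also help to state whether db_schema:search is checked in addition to the regular USAGE privilege or independently of it, since "just as if the user did not have USAGE privilege" only describes the behaviour by analogy.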