![]() ![]() When EXPLAIN references the session's temporary object schema, refer to it as pg_temp (Amul Sul) UPDATE and DELETE commands typically involve reading the table as well, so require the subscription owner to have table SELECT permission. Prevent UPDATE and DELETE logical replication operations on tables where the subscription owner does not have SELECT permission on the table (Jeff Davis) Previously, a login role could add/remove members of its own role, even without ADMIN OPTION privilege.Īllow logical replication to run as the owner of the subscription (Mark Dilger)īecause row-level security policies are not checked, only superusers, roles with bypassrls, and table owners can replicate into tables with row-level security policies. Remove the default ADMIN OPTION privilege a login role has on its own role membership (Robert Haas) The affected functions are justify_interval(), justify_hours(), and justify_days().Ĭhange the I/O format of type "char" for non-ASCII characters (Tom Lane)īytes with the high bit set are now output as a backslash and three octal digits, to avoid encoding issues. This will, for example, cause creation of indexes relying on the text output of interval values to fail.ĭetect integer overflow in interval justification functions (Joe Koshakow) Mark the interval output function as stable, not immutable, since it depends on IntervalStyle (Tom Lane) Numbers with trailing periods were rejected on some platforms. Improve consistency of interval parsing with trailing periods (Tom Lane) When interval input provides a fractional value for a unit greater than months, round to the nearest month (Bruce Momjian)įor example, convert 1.99 years to 2 years, not 1 year 11 months as before. 1 and 1., and disallows trailing junk after numeric literals, like 1.type(). Previously, query text like 123abc would be interpreted as 123 followed by a separate token abc.Īdjust JSON numeric literal processing to match the SQL/ JSON-standard (Peter Eisentraut) ![]() ![]() Prevent numeric literals from having non-numeric trailing characters (Peter Eisentraut) Non-Unicode zero-length identifiers were already disallowed. Prevent CREATE OR REPLACE VIEW from changing the collation of an output column (Tom Lane)ĭisallow zero-length Unicode identifiers, e.g., U&"" (Peter Eisentraut) Generate an error when chr() is supplied with a negative argument (Peter Eisentraut) Users of previous Postgres releases should verify that no empty lexemes are stored because they can lead to dump/restore failures and inconsistent results. This is prohibited because lexemes should never be empty. Generate an error if array_to_tsvector() is passed an empty-string array element (Jean-Christophe Arnu) While the original intent of plpythonu was that it could eventually refer to plpython3u, changing it now seems more likely to cause problems than solve them, so it's just been removed. Remove server-side language plpython2u and generic Python language plpythonu (Andres Freund) This allows query hash operations to use more work_mem memory than other operations. Increase hash_mem_multiplier default to 2.0 (Peter Geoghegan) Functions pg_start_backup()/ pg_stop_backup() have been renamed to pg_backup_start()/ pg_backup_stop(), and the functions pg_backup_start_time() and pg_is_in_backup() have been removed. The non-exclusive backup mode is considered superior for all purposes. If the database server stops abruptly while in this mode, the server could fail to start. Remove long-deprecated exclusive backup mode (David Steele, Nathan Bossart) Upgrading a cluster or restoring a database dump will preserve public's existing ownership specification. This change applies to new database clusters and to newly-created databases in existing clusters. Previously it was owned by the bootstrap superuser, so that non-superuser database owners could not do anything with it. This allows each database's owner to have ownership privileges on the public schema within their database. For new databases having no need to defend against insider threats, granting CREATE permission will yield the behavior of prior releases.Ĭhange the owner of the public schema to be the new pg_database_owner role (Noah Misch) Upgrading a cluster or restoring a database dump will preserve public's existing permissions.įor existing databases, especially those having multiple users, consider revoking CREATE permission on the public schema to adopt this new default. The change applies to new database clusters and to newly-created databases in existing clusters. The new default is one of the secure schema usage patterns that Section 5.9.6 has recommended since the security release for CVE-2018-1058. Remove PUBLIC creation permission on the public schema (Noah Misch) ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |