You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
All users can now view any comments on any object (bypassing other privileges), but modifying comments require write privilege on the target object. Previously, any user could modify any database/table/view/index comment via direct SQL updates to system.comments. This was unintended and a form of privilege escalation, and is now prevented. The privileges required for the COMMENT statement, pg_description, col_description(), obj_description(), and shobj_description() are operating as in PostgreSQL and are unaffected by this change.[#45712][#45712] {% comment %}doc{% endcomment %}
The text was updated successfully, but these errors were encountered:
We currently don't document system.comments, or really any system tables. We actually don't document privileges on any internal tables. I think we can close this issue, in favor of #6272.
PR: cockroachdb/cockroach#45712
From release notes:
The text was updated successfully, but these errors were encountered: