KB-141D
Codex FIX7 Critical Review - Owner ACL Snapshot
Revision 1
06 - Owner / ACL Snapshot
Verdict
CHECK_F_OWNER_ACL_NEEDS_T1_FIX
The snapshot is improved but not complete enough for exact privilege restoration and bypass proof.
Required T1 fixes:
- Include column ACLs from pg_attribute.attacl. Table-level relacl does not represent all column-level grants.
- Prove effective privileges, not only direct ACL rows. G-NOLEGACY/G-OWNER-CUTOVER must account for role membership and inherited privileges using PG-native effective-privilege checks.
- Capture object identity exactly: schema, kind/prokind, identity arguments, OID-at-capture, owner, ACL grantor/grantee/grantable, and snapshot hash/epoch.
- State whether role membership is unchanged; if any package changes it, snapshot and restore it explicitly.
- Rehearsal must compare restored effective privilege sets in both directions, not only raw ACL equality.
No owner/ACL cutover is authorized.
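
The following sketch illustrates the column-ACL, effective-privilege and two-direction comparison fixes above, narrowed to relation columns. It is an added example, not code from the reviewed package, and the names eff_col_priv, eff_priv_before and eff_priv_after are hypothetical.

```sql
-- Added example, not part of the reviewed package. eff_col_priv, eff_priv_before
-- and eff_priv_after are hypothetical names.

-- 1. Direct column grants live in pg_attribute.attacl, not in pg_class.relacl.
SELECT n.nspname AS schema_name, c.relname, c.relkind, c.oid AS oid_at_capture,
       pg_get_userbyid(c.relowner) AS owner, a.attname,
       pg_get_userbyid(x.grantor) AS grantor,
       CASE WHEN x.grantee = 0 THEN 'PUBLIC'        -- grantee OID 0 means PUBLIC
            ELSE pg_get_userbyid(x.grantee) END AS grantee,
       x.privilege_type, x.is_grantable
FROM pg_attribute a
JOIN pg_class c     ON c.oid = a.attrelid
JOIN pg_namespace n ON n.oid = c.relnamespace
CROSS JOIN LATERAL aclexplode(a.attacl) AS x
WHERE a.attacl IS NOT NULL AND a.attnum > 0 AND NOT a.attisdropped
ORDER BY 1, 2, 6, 8, 9;  -- schema, relation, column, grantee, privilege

-- 2. Effective column privileges per role. has_column_privilege() also counts
--    table-level grants, PUBLIC grants and privileges inherited via membership,
--    so it shows access that no direct ACL row for the role would reveal.
CREATE TEMP VIEW eff_col_priv AS
SELECT r.rolname, n.nspname, c.relname, a.attname, p.priv
FROM pg_roles r
CROSS JOIN pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
JOIN pg_attribute a ON a.attrelid = c.oid AND a.attnum > 0 AND NOT a.attisdropped
CROSS JOIN (VALUES ('SELECT'), ('INSERT'), ('UPDATE'), ('REFERENCES')) AS p(priv)
WHERE c.relkind IN ('r', 'p', 'v', 'm', 'f')
  AND n.nspname !~ '^pg_' AND n.nspname <> 'information_schema'
  AND has_column_privilege(r.oid, c.oid, a.attnum, p.priv);

CREATE TEMP TABLE eff_priv_before AS SELECT * FROM eff_col_priv;
-- (the owner/ACL change and its restore run here during rehearsal)
CREATE TEMP TABLE eff_priv_after AS SELECT * FROM eff_col_priv;

-- 3. Compare in both directions; zero rows means the effective sets match.
SELECT 'missing_after_restore' AS drift, d.*
FROM (SELECT * FROM eff_priv_before EXCEPT SELECT * FROM eff_priv_after) d
UNION ALL
SELECT 'extra_after_restore', d.*
FROM (SELECT * FROM eff_priv_after EXCEPT SELECT * FROM eff_priv_before) d;
```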