From: | Gevik Babakhani <pgdev(at)xs4all(dot)nl> |
---|---|
To: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
Cc: | pgsql-hackers(at)postgresql(dot)org, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Subject: | Re: Please advice TODO Item pg_hba.conf |
Date: | 2006-04-23 22:22:01 |
Message-ID: | 1145830922.2135.56.camel@voyager.truesoftware.net |
Lists: | pgsql-hackers |
Hi,
> if (acl in pg_database == NULL)
>     acl = acldefault
> else
>     acl = acl in pg_database
> if (has_permission(acl, user, ACL_CONNECT))
>     can connect
> else
>     can't connect
>
>
> To revoke a privilege you do this:
>
> if (acl in pg_database == NULL)
>     acl = acldefault
> else
>     acl = acl in pg_database
> newacl = revoke_privilege_from(acl)
> store newacl in pg_database
Perfect, I see it now :) My error was to actually add the "acldefault"
when the acl was null.
>
> > Personally I think it would be better for the database owner not to have
> > the option to REVOKE himself from the CONNECTION privilege of his own
> > database.
>
> Why? A table owner can revoke privileges from himself.
Of course a TABLE owner can revoke privileges from himself. But why
would a DATABASE owner want to lock himself out from CONNECTING to his
database? Perhaps there is a legitimate reason for this but it doesn't
make sense. Right? I see it this way: Why should I lock myself out of
my own house and throw the keys away? (I am a man of simple words and
examples, I must apologize.)
> I understand your point, but we give a lot of privileges by default (I
> think we give CREATE on the PUBLIC schema, for example). You can
> propose to change that behavior, but I feel that's a different
> discussion than what you are working on ATM.
>
Agreed.
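
The check and revoke logic quoted above, as a small runnable C model added here for illustration; it is not code from this thread or from the PostgreSQL source. The one-bitmask-per-role ACL, the `ROLE_*` names, `effective_acl`, `ACL_CREATE` and the default grants are assumptions of the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Toy model: an ACL is one privilege bitmask per role; NULL is an unset ACL column. */
#define ACL_CONNECT 0x1u
#define ACL_CREATE  0x2u   /* hypothetical second privilege, for contrast */
enum { ROLE_PUBLIC, ROLE_OWNER, NROLES };
typedef struct { unsigned privs[NROLES]; } Acl;

/* Assumed defaults for this model: PUBLIC may connect, the owner holds everything. */
static Acl acldefault(void) {
    Acl a = {{ [ROLE_PUBLIC] = ACL_CONNECT, [ROLE_OWNER] = ACL_CONNECT | ACL_CREATE }};
    return a;
}

/* A NULL ACL means "use the defaults", never "nobody holds anything". */
static Acl effective_acl(const Acl *stored) {
    return stored ? *stored : acldefault();
}

/* A role holds its own grants plus whatever is granted to PUBLIC. */
static bool has_permission(const Acl *stored, int role, unsigned priv) {
    Acl a = effective_acl(stored);
    return ((a.privs[role] | a.privs[ROLE_PUBLIC]) & priv) == priv;
}

/* Revoke starts from the effective ACL, so the first revoke on a NULL ACL
   materializes the defaults and clears only the named privilege. */
static Acl revoke_privilege_from(const Acl *stored, int role, unsigned priv) {
    Acl a = effective_acl(stored);
    a.privs[role] &= ~priv;
    return a;   /* the caller stores this as the new, non-NULL ACL */
}

int main(void) {
    const Acl *stored = NULL;   /* constructed case: freshly created database */
    printf("owner connect, NULL acl: %d\n", has_permission(stored, ROLE_OWNER, ACL_CONNECT));
    Acl a1 = revoke_privilege_from(stored, ROLE_PUBLIC, ACL_CONNECT);
    printf("after revoke from PUBLIC: public=%d owner=%d\n",
           has_permission(&a1, ROLE_PUBLIC, ACL_CONNECT),
           has_permission(&a1, ROLE_OWNER, ACL_CONNECT));
    Acl a2 = revoke_privilege_from(&a1, ROLE_OWNER, ACL_CONNECT);
    printf("after owner self-revoke: owner=%d\n", has_permission(&a2, ROLE_OWNER, ACL_CONNECT));
    return 0;
}
```

In this model the owner is locked out only once CONNECT has been revoked from both PUBLIC and the owner; revoking from the owner alone leaves the grant inherited through PUBLIC in effect.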