From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: type privileges and default privileges |
Date: | 2011-11-10 22:08:59 |
Message-ID: | 17434.1320962939@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Thu, Nov 10, 2011 at 3:17 PM, Peter Eisentraut <peter_e(at)gmx(dot)net> wrote:
>> No, I'm pondering having pg_default_acl initialized so that newly
>> created types have explicit USAGE privileges in their typacl column, so
>> acldefault() wouldn't be needed. (And builtin types would have their
>> typacl initialized analogously.) I suppose this is how we might have
>> done it if we had invented ALTER DEFAULT PRIVILEGES first.
> I'm not convinced. That's a lot of catalog clutter for no benefit.
To actually get rid of acldefault, we'd have to do that not only for
types but for all objects with ACLs. That's a LOT of catalog bulk,
and like Robert I'm not seeing much benefit. It's not unreasonable
to want the typical case to be small and fast.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2011-11-10 22:12:43 | Re: Disable OpenSSL compression |
Previous Message | Bruce Momjian | 2011-11-10 22:07:14 | Re: LOCK_DEBUG is busted |