| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, chris+postgresql(at)qwirx(dot)com, pgsql-docs(at)lists(dot)postgresql(dot)org, pgsql-hackers(at)lists(dot)postgresql(dot)org, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Subject: | Re: Logical replication subscription owner |
| Date: | 2020-05-08 03:30:23 |
| Message-ID: | 17709.1588908623@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs pgsql-hackers |
Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> writes:
> I'd welcome input from other people on this issue; only now I noticed
> that it's buried in pgsql-docs, so CCing pgsql-hackers now.
FWIW, I would argue that LOGIN permits logging in on a regular SQL
connection, while REPLICATION should permit logging in on a
replication connection, and there's no reason for either to depend on
or require the other.
> On 2020-Apr-23, Stephen Frost wrote:
>> Also- what about per-database connections? Does having REPLICATION mean
>> you get to override the CONNECT privileges on a database, if you're
>> connecting for the purposes of doing logical replication?
No, why would it? Should LOGIN privilege mean you can override
CONNECT? That's nonsense. You need the respective privilege
to connect with the protocol you want to connect with, and you
also need CONNECT on the DB you want to connect to.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2020-05-08 05:02:11 | Re: Logical replication subscription owner |
| Previous Message | Alvaro Herrera | 2020-05-08 01:47:34 | Re: Logical replication subscription owner |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Noah Misch | 2020-05-08 04:22:02 | Re: PG 13 release notes, first draft |
| Previous Message | Kyotaro Horiguchi | 2020-05-08 03:10:02 | Re: +(pg_lsn, int8) and -(pg_lsn, int8) operators |