From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Lamar Owen <lamar(dot)owen(at)wgcr(dot)org>, Vince Vielhaber <vev(at)michvhf(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Open 7.3 items |
Date: | 2002-08-15 00:30:47 |
Message-ID: | 200208150030.g7F0UlT01774@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Tom Lane wrote:
> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > I don't know where else to go with the patch at this point. I think
> > increasing the number of 'global' users is polluting the namespace too
> > much,
>
> Why? If the installation needs N global users, then it needs N global
> users; who are you to make that value judgment for them?
>
> In practice I think an installation that's using this feature is going
> to have a pretty small number of global users, and so the issue of
> collisions with local usernames isn't really as big as it's been painted
> in this thread. We could ignore that issue (except for documenting it)
> and have a perfectly serviceable feature.
The original idea was that Marc wanted people who could create their own
users for their own databases. If we make the creation of global users
too easy, all of a sudden people don't have control over their db
usernames because they have to avoid all the global user names already
defined. By adding multiple global users, it is diluting the usefulness
of the feature.
I suppose a pg_global_users file would be a compromise because only the
admin could actually add people to that file. If it was more automatic,
like writing pg_shadow, someone could create a user without an @ and
block access for other users to other database, which is bad.
I still don't like the fact that people think they have control over
their db namespace, when they really don't, but no one else seems to see
that as a problem. The namespace conflicts just yell of poor design.
OK, I have another idea. What if we make global users end with an @, so
dave@ is a global user. We can easily check for that in the postmaster
and not append the dbname. I know it makes @ a special character, but
considering the problem of namespace collision, it seems better than
what we have now. We could add the install user too if we wish, or just
tell them to make sure they add a user@ before turning on the feature.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
From | Date | Subject | |
---|---|---|---|
Next Message | Tatsuo Ishii | 2002-08-15 01:05:05 | Re: another multibyte question |
Previous Message | Tom Lane | 2002-08-15 00:20:11 | Re: Inheritance |