| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
| Cc: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Only owners can ANALYZE tables...seems overly restrictive |
| Date: | 2016-02-29 13:31:38 |
| Message-ID: | 20160229133138.GV3127@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
* David G. Johnston (david(dot)g(dot)johnston(at)gmail(dot)com) wrote:
> Given the amount of damage a person with write access to a table can get
> into it seems pointless to not allow them to analyze the table after their
> updates - since best practices would say that normal work with a table
> should not be performed by an owner.
>
> I should the check for whether a given user can or cannot analyze a table
> should be whether the user has INSERT, UPDATE, or DELETE privileges.
Realistically, ANALYZE is a background/maintenance task that autovacuum
should be handling for you.
> I suppose row-level-security might come into play here...
Yes, you may only have access to a subset of the table.
If we had plenty more bits to allow ANALYZE to be independently
GRANT'able, then maybe, but those are a limited resource.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Geoff Winkless | 2016-02-29 13:56:25 | multicolumn index and setting effective_cache_size using human-readable-numbers |
| Previous Message | Rafal Pietrak | 2016-02-29 11:03:55 | Re: multiple UNIQUE indices for FK |