From: | Noah Misch <noah(at)leadboat(dot)com> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Subject: | Re: public schema default ACL |
Date: | 2020-08-06 05:00:02 |
Message-ID: | 20200806050002.GB238834@rfd.leadboat.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Mon, Aug 03, 2020 at 09:46:23AM -0400, Robert Haas wrote:
> On Mon, Aug 3, 2020 at 2:30 AM Noah Misch <noah(at)leadboat(dot)com> wrote:
> > Between (b)(2)(X) and (b)(3)(X), what are folks' preferences? Does anyone
> > strongly favor some other option (including the option of changing nothing)
> > over both of those two?
>
> I don't think we have any options here that are secure but do not
> break backward compatibility.
I agree, but compatibility breaks vary in pain caused. I want to offer a
simple exit to a backward-compatible configuration, and I want a $NEW_DEFAULT
pleasing enough that a decent fraction of deployments keep $NEW_DEFAULT (forgo
the exit). The move to default standard_conforming_strings=on is an example
to follow (editing postgresql.conf was the simple exit).
> I don't know how to choose between (1), (2), and (3).
One way is to envision deployments you know and think about a couple of
questions in the context of those deployments. If $EACH_OPTION happened,
would this deployment keep $NEW_DEFAULT, override $NEW_DEFAULT to some other
secure configuration, or exit to $v13_DEFAULT? Where the answer is "exit",
would those deployments rate the exit recipe easy, medium, or difficult?
From | Date | Subject | |
---|---|---|---|
Next Message | Noah Misch | 2020-08-06 05:05:28 | Re: public schema default ACL |
Previous Message | Andrey M. Borodin | 2020-08-06 04:55:51 | Re: pg_rewind is not crash safe |