From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Vaishnavi Prabakaran <vaishnaviprabakaran(at)gmail(dot)com>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Simplify ACL handling for large objects and removal of superuser() checks |
Date: | 2017-11-09 23:18:42 |
Message-ID: | 20732.1510269522@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Michael Paquier <michael(dot)paquier(at)gmail(dot)com> writes:
> On Fri, Nov 10, 2017 at 7:05 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> I did miss the need to fix the docs, and am happy to put in some strong
>> wording about the security hazards of these functions while fixing the
>> docs. But I do not think that leaving them with hardwired superuser
>> checks is an improvement over being able to control them with GRANT.
> Sorry about that. lobj.sgml indeed mentions superusers. Do you need a patch?
No, I can write it. But I'm going to wait to see where this debate
settles before expending effort on the docs.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Joe Conway | 2017-11-09 23:19:12 | Re: libpq connection strings: control over the cipher suites? |
Previous Message | Michael Paquier | 2017-11-09 23:17:11 | Re: libpq connection strings: control over the cipher suites? |