| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Wetmore, Matthew (CTR)" <Matthew(dot)Wetmore(at)express-scripts(dot)com> |
| Cc: | Aksel Allas <allasaksel(at)gmail(dot)com>, Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: BUG #18242: pg_dump with non-superuser from pg14 to pg15 fails on ALTER FUNCTION |
| Date: | 2023-12-12 16:55:48 |
| Message-ID: | 2448878.1702400148@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
"Wetmore, Matthew (CTR)" <Matthew(dot)Wetmore(at)express-scripts(dot)com> writes:
> What about a whole new user type:
> An 'Admin' account that isn't a super user, but just has dump/ elevated permissions /customizable.
[ shrug... ] Maybe, but there's a mighty lot of devils hiding in
the details. Exactly what special privileges would this user type
need? How would we convince ourselves (and more to the point,
convince the cloud providers) that such a set of privileges is
safe to give out? Poking holes in the privilege model is usually
a good way to create security hazards.
BTW, please keep the list cc'd.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2023-12-12 17:11:44 | Re: BUG #18241: PushTransaction may cause Standby to execute ItemIdMarkDead |
| Previous Message | Tom Lane | 2023-12-12 15:09:35 | Re: BUG #18242: pg_dump with non-superuser from pg14 to pg15 fails on ALTER FUNCTION |