| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | Martin Pihlak <martin(dot)pihlak(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: SQL/MED compatible connection manager |
| Date: | 2009-03-04 17:08:25 |
| Message-ID: | 3435.1236186505@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> I think the proper way to handle it might be to introduce a new
> privilege type -- call it SELECT if you like -- that determines
> specifically whether you can *see* the options of a foreign-data
> wrapper, foreign server, or user mapping, respectively. As opposed to
> USAGE, which means you can use the object for connecting (in the
> future). This might have other uses: The owner of a server might want
> to hide the host name, but still let you connect.
How would you implement/enforce that, in the absence of row-level
security on the catalogs involved?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-03-04 17:14:37 | Re: building pg_dump doesn't work |
| Previous Message | Alvaro Herrera | 2009-03-04 17:05:52 | Re: building pg_dump doesn't work |