Re: pre-proposal: permissions made easier

From: Greg Stark <gsstark(at)mit(dot)edu>
To: Josh Berkus <josh(at)agliodbs(dot)com>
Cc: Jeff Davis <pgsql(at)j-davis(dot)com>, David Fetter <david(at)fetter(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: pre-proposal: permissions made easier
Date: 2009-06-29 19:53:54
Message-ID: 407d949e0906291253h2a429d66p14cfd6330da37c10@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Mon, Jun 29, 2009 at 7:41 PM, Josh Berkus<josh(at)agliodbs(dot)com> wrote:
> The main reason is existing practice.

I haven't followed the entire conversation so i'm not sure who I'm
going to be disagreeing with or agreeing with here. But I wanted to
mention that existing practice may not be a very useful place to start
here. Whatever mechanism we invent is going to change the calculus of
people deciding how to set up their schemas and roles since they'll
want to arrange things to take advantage of this new mechanism.

In particular, one early question was whether to use wildcard patterns
or schema names. People were saying wildcard patterns would be more
flexible because people don't always set up their objects in different
schemas. But if we had a mechanism someone wanted to use which
depended on schemas they would be far more likely to choose to set up
schemas for objects which belong in different security classes.

--
greg
http://mit.edu/~gsstark/resume.pdf

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Josh Berkus 2009-06-29 20:02:46 Re: pre-proposal: permissions made easier
Previous Message Josh Berkus 2009-06-29 19:42:50 Re: pre-proposal: permissions made easier