Tom Lane wrote:
>> How dangerous is it to UPDATE pg_class
>> directly, perhaps copying the relacl column for a table that I've
>> done by hand with GRANT.
>
> You can do it, and it will seem to work. However, unless you also
> make
> entries in pg_shdepend, bad things will happen if you later drop
> any of
> the users mentioned in the ACL. Your code will also be vulnerable to
> breakage in future releases if we change any of these details.
>
> A better approach is to write a plpgsql function that assembles and
> EXECUTEs the required GRANT commands.
Okay, thanks - guess it's time to learn some real plpgsql control
structures.
- John Burger
MITRE