| From: | Petr Jelinek <pjmodos(at)pjmodos(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Josh Berkus <josh(at)agliodbs(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PATCH] DefaultACLs |
| Date: | 2009-08-28 22:59:36 |
| Message-ID: | 4A986158.2040406@pjmodos.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
I had some time to work on this patch, and I implemented the ALTER
DEFAULT PRIVILEGES syntax as proposed by Tom and adjusted some other
stuff, but before I can submit the new patch for commitfest there is
still this fundamental issue about how it should behave.
The situation is as following. Josh's and Stephen's idea was basically
to solve something like this: you are a dba, you give some users
privileges to create tables and you want those new tables to have same
privileges no matter who created them.
But if I understood Tom's suggestions correctly then his approach does
not solve this at all since every one of those users with CREATE TABLE
privileges would have to also set same DEFAULT PRIVILEGES and the dba
would have no say in the matter.
I personally can see use cases for both but I don't really see any
reasonable way to have both at the same time.
--
Regards
Petr Jelinek (PJMODOS)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Fetter | 2009-08-28 22:59:58 | Re: Linux LSB init script |
| Previous Message | Greg Stark | 2009-08-28 22:57:07 | Re: Linux LSB init script |