From: | Joe Conway <mail(at)joeconway(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: pg_dump dump catalog ACLs |
Date: | 2016-03-01 15:31:17 |
Message-ID: | 56D5B5C5.5070100@joeconway.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 02/29/2016 08:52 PM, Tom Lane wrote:
> Stephen Frost <sfrost(at)snowman(dot)net> writes:
>> As it turns out, there isn't such an issue as the default for functions
>> is to allow PUBLIC to EXECUTE and therefore we don't dump out ACLs for
>> most functions. The follow-on change to this patch is to modify those
>> functions to *not* have the default/NULL ACL (and also drop the explicit
>> if (!superuser()) ereport() checks in those functions), which will work
>> just fine and won't be overwritten during pg_upgrade because those
>> functions currently just have the default ACL, which we don't dump out.
>
> Yes, so it would probably manage to not fail during 9.6 -> 9.7 migration.
> But you *won't ever again* get to change the default ACLs on those
> functions. That does not seem like a great bet from here.
Would it be a terrible idea to add some attribute to ACLs which can be
used to indicate they should not be dumped (and supporting syntax)?
--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development
From | Date | Subject | |
---|---|---|---|
Next Message | Atri Sharma | 2016-03-01 15:36:04 | Re: PROPOSAL: Fast temporary tables |
Previous Message | Tom Lane | 2016-03-01 15:27:31 | Re: Commitfest Bug (was: Re: Reusing abbreviated keys during second pass of ordered [set] aggregates) |