From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net>, Petr Jelinek <petr(dot)jelinek(at)2ndquadrant(dot)com> |
Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: logical replication access control patches |
Date: | 2017-03-15 17:20:12 |
Message-ID: | 585ccdfd-a974-d98b-0778-8cc659d0136f@2ndquadrant.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 3/14/17 15:05, Stephen Frost wrote:
> Another approach to solving my concern would be to only allow the
> publishing of tables by non-owner users who have table-level SELECT
> rights
An early version of the logical replication patch set did that. But the
problem is that this way someone with SELECT privilege could include a
table without replica identity index into a publication and thereby
prevent updates to the table. There might be ways to tweak things to
make that work better, but right now it works that way.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2017-03-15 17:20:45 | Re: logical replication access control patches |
Previous Message | Peter Eisentraut | 2017-03-15 17:07:03 | Re: identity columns |