| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Noah Misch <noah(at)leadboat(dot)com>, Josh Berkus <josh(at)agliodbs(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: ALTER DEFAULT PRIVILEGES FOR ROLE is broken |
| Date: | 2013-06-07 17:01:00 |
| Message-ID: | CA+TgmobuWprsocu3R0JEzoRG4PoYEgH=_wJaKErtMxQH=3njQg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Jun 7, 2013 at 12:44 PM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> * Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
>> Essentially the argument for allowing this without a permissions check
>> is "I'm not really doing anything to the schema, just preconfiguring the
>> rights that will be attached to a new object if I later (successfully)
>> create one in this schema".
>
> Makes sense to me; if we were going to do something, I'd say a warning
> would be better, but I'm alright with nothing too.
I vote for nothing. I always thought that check was wrong-headed.
>> Thoughts? If we change this, should we back-patch it? I'm inclined to
>> think it's a bug (especially if the restore-ordering hazard is real)
>> so we should back-patch.
>
> Agreed.
Seems reasonable.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fred&Dani&Pandora&Aquiles | 2013-06-07 17:09:57 | Parallell Optimizer |
| Previous Message | Stephen Frost | 2013-06-07 16:59:43 | Re: ALTER DEFAULT PRIVILEGES FOR ROLE is broken |