From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Subject: | Re: Simplify ACL handling for large objects and removal of superuser() checks |
Date: | 2017-08-15 22:09:47 |
Message-ID: | CAB7nPqSCW0NohY9xk1qNzLw-sH=E0JVxL1z2WsS=O567k8AJtg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Tue, Aug 15, 2017 at 10:35 PM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> +1 for 0001 and 0002 in general, but I can't help noticing that they
> lead to a noticeable worsening of the error messages in the regression
> tests.
As the access restriction gets handled by GRANT in this patch, that's
a price to pay. The verbosity of this message could be kept by
introducing a default role dedicated to LOs. Personally, I am of the
opinion that a default role in this case is not justified for only
those functions. Other opinions are welcome.
I have noticed that 0002 should update lobj.sgml as well, something I
missed. Now the docs say "Therefore, their use is restricted to
superusers." for lo_import and lo_export, but I think that "by
default" should be appended.
--
Michael
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2017-08-15 22:40:42 | Re: [COMMITTERS] pgsql: Simplify plpgsql's check for simple expressions. |
Previous Message | Robert Haas | 2017-08-15 22:08:47 | Re: [COMMITTERS] pgsql: Simplify plpgsql's check for simple expressions. |