From: | Aksel Allas <allasaksel(at)gmail(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | "Wetmore, Matthew (CTR)" <Matthew(dot)Wetmore(at)express-scripts(dot)com>, Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, pgsql-bugs(at)lists(dot)postgresql(dot)org |
Subject: | Re: BUG #18242: pg_dump with non-superuser from pg14 to pg15 fails on ALTER FUNCTION |
Date: | 2023-12-13 06:23:15 |
Message-ID: | CABnLe_C6UbB=mSyDDGHUx3k4=hps1wmehmVmph7=1LG0catT+w@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
In my specific scenario it could be fixed such that e.g. pg_dump has a flag
for non superuser usage.
If the flag is enabled, the dump could check if CREATE privilege is given
at the end of the dump file to the correct schema and instead give the
privilege after connecting to the correct database. Then my case would work.
Best wishes!
Aksel
On Tue, Dec 12, 2023, 6:55 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> "Wetmore, Matthew (CTR)" <Matthew(dot)Wetmore(at)express-scripts(dot)com> writes:
> > What about a whole new user type:
> > An 'Admin' account that isn't a super user, but just has dump/ elevated
> permissions /customizable.
>
> [ shrug... ] Maybe, but there's a mighty lot of devils hiding in
> the details. Exactly what special privileges would this user type
> need? How would we convince ourselves (and more to the point,
> convince the cloud providers) that such a set of privileges is
> safe to give out? Poking holes in the privilege model is usually
> a good way to create security hazards.
>
> BTW, please keep the list cc'd.
>
> regards, tom lane
>
From | Date | Subject | |
---|---|---|---|
Next Message | Daniel Gustafsson | 2023-12-13 08:44:26 | Re: BUG #18245: pg_restore accepts same output file name as input file name |
Previous Message | Tom Lane | 2023-12-13 04:04:37 | Re: BUG #18244: Corruption in indexes involving whole-row expressions |