| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Smaller access privilege changes |
| Date: | 2001-05-24 11:07:24 |
| Message-ID: | Pine.LNX.4.30.0105241250130.757-100000@peter.localdomain |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Since there is no plan yet how to do a wholesale overhaul of the ACL
system, I'd like to stick a few improvements into the current
implementation:
* Make DELETE distinct from UPDATE privilege
* rename the internal representation: s = select, i = insert, u = update,
d = delete, R = rules
* LOCK > AccessShare will require UPDATE or DELETE. This is not a change
in effect.
* Sequence nextval and setval will require UPDATE; DELETE won't do any
longer.
* COPY FROM will require INSERT privilege. It used to require
UPDATE/DELETE, it think that is not correct..
* INSERT (the command) will require INSERT privilege. UPDATE/DELETE won't
do any longer. (Why was this there?)
* Implement SQL REFERENCES privilege: grant references on A to B will
allow user B to create a foreign key referencing table A as primary key.
I'd also like to create a regression test. That will require creating
some global users and groups in the installation where the test runs. I
think as long as we name them "regressuser1", "regressgroup2", etc. this
won't harm anyone.
Comments?
--
Peter Eisentraut peter_e(at)gmx(dot)net http://funkturm.homeip.net/~peter
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2001-05-24 11:35:51 | Re: Rtree; cannot create index on polygons with lots of points |
| Previous Message | Oliver Elphick | 2001-05-24 08:30:05 | Bug#98565: postgresql logs notices with GMT timestamps in syslog (fwd) |