From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Noah Misch <noah(at)leadboat(dot)com> |
Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: First draft of the PG 15 release notes |
Date: | 2022-07-21 17:44:13 |
Message-ID: | YtmQbQtxP2H+irFa@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Tue, Jul 12, 2022 at 02:47:07PM -0400, Bruce Momjian wrote:
> On Mon, Jul 11, 2022 at 11:31:32PM -0700, Noah Misch wrote:
> > On Mon, Jul 11, 2022 at 12:39:57PM -0400, Bruce Momjian wrote:
> > > I had trouble reading the sentences in the order you used so I
> > > restructured it:
> > >
> > > The new default is one of the secure schema usage patterns that <xref
> > > linkend="ddl-schemas-patterns"/> has recommended since the security
> > > release for CVE-2018-1058. The change applies to newly-created
> > > databases in existing clusters and for new clusters. Upgrading a
> > > cluster or restoring a database dump will preserve existing permissions.
> >
> > I agree with the sentence order change.
>
> Great.
>
> > > For existing databases, especially those having multiple users, consider
> > > issuing <literal>REVOKE</literal> to adopt this new default. For new
> > > databases having zero need to defend against insider threats, granting
> > > <literal>USAGE</literal> permission on their <literal>public</literal>
> > > schemas will yield the behavior of prior releases.
> >
> > s/USAGE/CREATE/ in the last sentence. Looks good with that change.
>
> Ah, yes, of course.
Patch applied, I also adjusted the second paragraph to be more
symmetric. You can see the results here:
https://momjian.us/pgsql_docs/release-15.html
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com
Indecision is a decision. Inaction is an action. Mark Batterson
From | Date | Subject | |
---|---|---|---|
Next Message | Nathan Bossart | 2022-07-21 17:56:41 | Re: Allow placeholders in ALTER ROLE w/o superuser |
Previous Message | Alvaro Herrera | 2022-07-21 17:42:12 | Re: Make name optional in CREATE STATISTICS |