Re: untrusted PLs should be GRANTable

From: Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>
To: Craig Ringer <craig(at)2ndquadrant(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: untrusted PLs should be GRANTable
Date: 2018-07-17 18:51:43
Message-ID: cadb352d-2874-e514-cf5f-55099c10a173@2ndquadrant.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On 17.07.18 07:20, Craig Ringer wrote:
> A user has raised the point that our refusal to GRANT rights to
> untrusted PLs is counterproductive and inconsistent with how we behave
> elsewhere.

Previous discussion:
https://www.postgresql.org/message-id/flat/1357905627.24219.6.camel%40vanquo.pezone.net

What caused that to die was "What might actually be a problem in this
area is that, AFAICT, pg_dump does not save privileges granted to
objects in extensions." But I think that is fixed/fixable now with
pg_init_privs.

--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2018-07-17 19:02:32 Re: Another usability issue with our TAP tests
Previous Message Robert Haas 2018-07-17 18:47:49 Re: Allowing multiple DDL commands to run simultaneously