On 2009-12-04, Andrew Gierth <andrew(at)tao11(dot)riddles(dot)org(dot)uk> wrote:
>>>>>> "Tom" == Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> writes:
>
> > Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
> >> Before we go too far with this, I'd like to know how we will handle the
> >> problems outlined here:
> >> <http://archives.postgresql.org/pgsql-hackers/2008-02/msg00916.php>
>
> Tom> Hm, I think that's only a problem if we define it to be a
> Tom> problem, and I'm not sure it's necessary to do so. Currently,
> Tom> access to PL languages is controlled by superusers. You are
> Tom> suggesting that if plpgsql is installed by default, then access
> Tom> to it should be controlled by non-superuser DB owners instead.
>
> Currently, a non-superuser db owner can install plpgsql, and having
> installed it, can DROP it or grant/revoke access to it:
>
> test=> create language plpgsql;
> CREATE LANGUAGE
> test=> revoke usage on language plpgsql from public;
> REVOKE
> test=> drop language plpgsql;
> DROP LANGUAGE
>
> The complaint is that if plpgsql is installed by default, then it will
> be owned by postgres rather than by the db owner, who will then not be
> able to drop it or use grant/revoke on it.
The same problem is had with schema public...