Home > mailing lists

Re: New default role- 'pg_read_all_data' - Mailing list pgsql-hackers

From	Georgios Kokolatos
Subject	Re: New default role- 'pg_read_all_data'
Date	August 28, 2020 15:16:36
Msg-id	159861699631.18329.14711450552365728705.pgcf@coridan.postgresql.org Whole thread Raw
In response to	Re: New default role- 'pg_read_all_data' (Magnus Hagander <magnus@hagander.net>)
Responses	Re: New default role- 'pg_read_all_data'
List	pgsql-hackers

Tree view

Thank you for the patch.

My high level review comment:
The patch seems to be implementing a useful and requested feature.
The patch applies cleanly and passes the basic regress tests. Also the commitfest bot is happy.

A first pass at the code, has not revealed any worthwhile comments.
Please allow me for a second and more thorough pass. The commitfest has hardly started after all.

Also allow me a series of genuine questions: 

What would the behaviour be with REVOKE?
In a sequence similar to:
GRANT ALL ON ...
REVOKE pg_read_all_data FROM ...
What privileges would the user be left with? Would it be possible to end up in the same privilege only with a GRANT
command?
Does the above scenario even make sense?

Regards,

pgsql-hackers by date:

From: Asim Praveen
Date: 28 August 2020, 14:06:09
Subject: Re: SyncRepLock acquired exclusively in default configuration

From: Masahiko Sawada
Date: 28 August 2020, 15:20:01
Subject: Re: SyncRepLock acquired exclusively in default configuration

Re: New default role- 'pg_read_all_data' - Mailing list pgsql-hackers

Previous

Next