Home > mailing lists

Re: [HACKERS] pg_user "sealed" - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: [HACKERS] pg_user "sealed"
Date	February 23, 1998 18:16:37
Msg-id	199802232015.PAA05978@candle.pha.pa.us Whole thread Raw
In response to	Re: [HACKERS] pg_user "sealed" (jwieck@debis.com (Jan Wieck))
Responses	Re: [HACKERS] pg_user "sealed" (jwieck@debis.com (Jan Wieck))
List	pgsql-hackers

Tree view

>     Since  you changed ACL_WORLD_DEFAULT to ACL_NO too, there are
>     now problems on \d <table> (pg_attribute: Permission denied).
>     And  thus  I expect more problems.  I think users should have
>     SELECT permission on non-critical system catalogs by default.
>
>     But  I  don't  think that setting explicit GRANT's on all the
>     system catalogs is a good thing. Due to  the  ACL  parsing  I
>     would expect some loss of performance.
>
>     So   if   the   relname   is   given   to   acldefault()   in
>     utils/adt/acl.c, it can do a IsSystemRelationName() on it and
>     return ACL_RD instead of ACL_WORLD_DEFAULT.

Nice solution.

--
Bruce Momjian                          |  830 Blythe Avenue
maillist@candle.pha.pa.us              |  Drexel Hill, Pennsylvania 19026
  +  If your life is a hard drive,     |  (610) 353-9879(w)
  +  Christ can be your backup.        |  (610) 853-3000(h)

pgsql-hackers by date:

From: ocie@paracel.com
Date: 23 February 1998, 18:15:22
Subject: Re: pl/{perl,pgsql} (was Re: AW: [HACKERS] triggers, views and ru

From: Bruce Momjian
Date: 23 February 1998, 18:17:31
Subject: Re: [HACKERS] Re: [COMMITTERS] 'pgsql/src/bin/initdb initdb.sh'

Re: [HACKERS] pg_user "sealed" - Mailing list pgsql-hackers

Previous

Next