Home > mailing lists

Re: [PATCHES] Merge pg_shadow && pg_group -- UNTESTED - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: [PATCHES] Merge pg_shadow && pg_group -- UNTESTED
Date	January 24, 2005 19:25:22
Msg-id	200501241724.59924.peter_e@gmx.net Whole thread Raw
In response to	Re: [PATCHES] Merge pg_shadow && pg_group -- UNTESTED (Stephen Frost <sfrost@snowman.net>)
Responses	Re: [PATCHES] Merge pg_shadow && pg_group -- UNTESTED (Stephen Frost <sfrost@snowman.net>)
List	pgsql-hackers

Tree view

Stephen Frost wrote:
> The other difference would seem to be that "user identifiers" can't
> be granted to users whereas "role identifiers" can be.  Following
> this, "rolmembers" must be NULL if rolcanlogin is true, no?  That
> breaks if roles can log in though.  Or should we just allow granting
> of "user identifiers" to other users- but if we do should the user be
> permitted to do that?

If he has admin option on his own role, sure.  But I suppose by default 
we wouldn't.

One use case I see is if someone goes on vacation he can temporarily 
grant the privileges held by his user account to others without 
actually giving out the login data.

-- 
Peter Eisentraut
http://developer.postgresql.org/~petere/

pgsql-hackers by date:

From: David Fetter
Date: 24 January 2005, 19:13:09
Subject: Re: Shortcut for defining triggers

From: Peter Eisentraut
Date: 24 January 2005, 19:27:45
Subject: Re: Extending System Views: proposal for 8.1/8.2

Re: [PATCHES] Merge pg_shadow && pg_group -- UNTESTED - Mailing list pgsql-hackers

Previous

Next