Tom Lane wrote:
> > How is this different from
>
> > 1. register language in pg_language without privileges
> > 2. activate language by granting privileges
>
> Because you can't create a language without first creating the support
> procedures, which ordinarily requires having the shared library
> present.
We are only talking about well-known procedural languages. The issue of
completely new languages added by the user is addressed by neither
proposal.
> Also, ISTM your proposal is to cause "CREATE LANGUAGE foo" on an
> already-existing language to execute "GRANT USAGE ON LANGUAGE foo TO
> PUBLIC" instead, rather than erroring out. That doesn't seem to pass
> the least-surprise test at all.
Clearly, there's going to be some surprise element. The surprise
element proposed by you is that the command does something completely
different than specified (which possibly introduces security holes, see
other mail). My proposal is that the command does only a subset of
what it would normally do, which amounts to some sort of implicit "OR
REPLACE", which people are familiar with.
--
Peter Eisentraut
http://developer.postgresql.org/~petere/