On Thursday 12 March 2009 21:39:54 Josh Berkus wrote:
> > Josh, this isn't a rejection. Both Tom and I asked for more exploration
> > of the implications of doing as you suggest. Tom has been more helpful
> > than I was in providing some scenarios that would cause problems. It is
> > up to you to solve the problems, which is often possible.
>
> OK, well, barring the context issues, what do people think of the idea?
>
> What I was thinking was that this would be a setting on the SET ROLE
> statement, such as:
>
> SET ROLE special WITH SETTINGS
>
> ... or similar; I'd need to find an existing keyword which works.
>
> I think this bypasses a lot of the issues which Tom raises, but I'd want
> to think about the various permutations some more.
>
How bad of an idea would it be to split set session authorization to be
privilege specific, and set role to focus on configiuration?
--
Robert Treat
Conjecture: http://www.xzilla.net
Consulting: http://www.omniti.com