Home > mailing lists

Re: GRANT ON ALL IN schema - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: GRANT ON ALL IN schema
Date	August 10, 2009 21:28:54
Msg-id	20090810212842.GR23840@tamriel.snowman.net Whole thread Raw
In response to	Re: GRANT ON ALL IN schema (Josh Berkus <josh@agliodbs.com>)
List	pgsql-hackers

Tree view

* Josh Berkus (josh@agliodbs.com) wrote:
> I'm not agreeing, though, that we don't need a GRANT ALL/ALTER DEFAULT.
>  We still need that for the simplest cases so that novice-level users
> will use *some* access control.  But it would mean that we wouldn't need
> GRANT ALL/ALTER DEFAULT to support anything other than the simplest cases.

I agree with Josh.  That's also why I feel the schema or namespace-driven
grant/defaults make the most sense.  I feel like it's the most natural
and intuitive option.  Having a default for roles is a neat idea, but I
don't believe they'd be used much and would require having a precedence
or merging them, neither of which I like.
Thanks,
    Stephen

pgsql-hackers by date:

From: Josh Berkus
Date: 10 August 2009, 21:13:09
Subject: Re: GRANT ON ALL IN schema

From: Alvaro Herrera
Date: 10 August 2009, 22:03:30
Subject: Re: [COMMITTERS] pgsql: Refactor NUM_cache_remove calls in error report path to a PG_TRY

Re: GRANT ON ALL IN schema - Mailing list pgsql-hackers

Previous

Next