* Bruce Momjian (bruce@momjian.us) wrote:
> On Sun, Jan 17, 2016 at 06:58:25PM -0500, Stephen Frost wrote:
> > I'm not against that idea, though I continue to feel that there are
> > common sets of privileges which backup tools could leverage.
> >
> > The other issue that I'm running into, again, while considering how to
> > move back to ACL-based permissions for these objects is that we can't
> > grant out the actual permissions which currently exist. That means we
>
> Is that because many of them are complex, e.g. you can kill only your
> own sessions?
Right.
> > either need to break backwards compatibility, which would be pretty
> > ugly, in my view, or come up with new functions and then users will have
> > to know which functions to use when.
> >
> > As I don't think we really want to break backwards compatibility or
> > remove existing functionality, the only approach which is going to make
> > sense is to add additional functions in some cases. In particular, we
> > will need alternate versions of pg_terminate_backend and
> > pg_cancel_backend. One thought I had was to make that
>
> Like these? Could we define own-user-type rights?
Interesting idea but I don't really see that being general enough that
we would want to burn a GRANT bit for it...
Thanks!
Stephen