Home > mailing lists

Re: [HACKERS] Simplify ACL handling for large objects and removal of superuser() checks - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: [HACKERS] Simplify ACL handling for large objects and removal of superuser() checks
Date	November 10, 2017 05:18:42
Msg-id	20732.1510269522@sss.pgh.pa.us Whole thread Raw
In response to	Re: [HACKERS] Simplify ACL handling for large objects and removal ofsuperuser() checks (Michael Paquier <michael.paquier@gmail.com>)
List	pgsql-hackers

Tree view

Michael Paquier <michael.paquier@gmail.com> writes:
> On Fri, Nov 10, 2017 at 7:05 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> I did miss the need to fix the docs, and am happy to put in some strong
>> wording about the security hazards of these functions while fixing the
>> docs.  But I do not think that leaving them with hardwired superuser
>> checks is an improvement over being able to control them with GRANT.

> Sorry about that. lobj.sgml indeed mentions superusers. Do you need a patch?

No, I can write it.  But I'm going to wait to see where this debate
settles before expending effort on the docs.
        regards, tom lane


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

pgsql-hackers by date:

From: Michael Paquier
Date: 10 November 2017, 05:17:11
Subject: Re: [HACKERS] libpq connection strings: control over the cipher suites?

From: Joe Conway
Date: 10 November 2017, 05:19:12
Subject: Re: [HACKERS] libpq connection strings: control over the ciphersuites?

Re: [HACKERS] Simplify ACL handling for large objects and removal of superuser() checks - Mailing list pgsql-hackers

Previous

Next