Re: allowing for control over SET ROLE - Mailing list pgsql-hackers

From Jeff Davis
Subject Re: allowing for control over SET ROLE
Date
Msg-id 2428449680f732836906cebe9c8bf0998c7e5486.camel@j-davis.com
Whole thread Raw
In response to Re: allowing for control over SET ROLE  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: allowing for control over SET ROLE
Re: allowing for control over SET ROLE
List pgsql-hackers
On Thu, 2022-11-17 at 16:52 -0500, Robert Haas wrote:

> But I think the bigger
> reason is that, in my opinion, this proposal is more generally
> useful,
> because it takes no position on why you wish to disallow SET ROLE.
> You
> can just disallow it in some cases and allow it in others, and that's
> fine.

I agree that the it's more flexible in the sense that it does what it
does, and administrators can use it if it's useful for them. That means
we don't need to understand the actual goals as well; but it also means
that it's harder to determine the consequences if we tweak the behavior
(or any related behavior) later.

I'll admit that I don't have an example of a likely problem here,
though.

> That proposal targets a specific use case, which may make it a
> better solution to that particular problem, but it makes it
> unworkable
> as a solution to any other problem, I believe.

Yeah, that's the flip side: "virtual" roles (for lack of a better name)
are a more narrow fix for the problem as I understand it; but it might
leave related problems unfixed. You and Stephen[2] both seemed to
consider this approach, and I happened to like it, so I wanted to make
sure that it wasn't dismissed too quickly.

But I'm fine if you'd like to move on with the SET ROLE privilege
instead, as long as we believe it grants a stable set of capabilities
(and conversely, that if the SET ROLE privilege is revoked, that it
revokes a stable set of capabilities).

[2]
https://www.postgresql.org/message-id/YzIAGCrxoXibAKOD%40tamriel.snowman.net


--
Jeff Davis
PostgreSQL Contributor Team - AWS





pgsql-hackers by date:

Previous
From: Andres Freund
Date:
Subject: Re: Mingw task for Cirrus CI
Next
From: Tomas Vondra
Date:
Subject: Re: Optimize join selectivity estimation by not reading MCV stats for unique join attributes