Home > mailing lists

Re: ALTER DEFAULT PRIVILEGES FOR ROLE is broken - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: ALTER DEFAULT PRIVILEGES FOR ROLE is broken
Date	June 7, 2013 19:57:37
Msg-id	25086.1370624244@sss.pgh.pa.us Whole thread Raw
In response to	Re: ALTER DEFAULT PRIVILEGES FOR ROLE is broken (Stephen Frost <sfrost@snowman.net>)
Responses	Re: ALTER DEFAULT PRIVILEGES FOR ROLE is broken (Stephen Frost <sfrost@snowman.net>) Re: ALTER DEFAULT PRIVILEGES FOR ROLE is broken (Peter Eisentraut <peter_e@gmx.net>)
List	pgsql-hackers

Tree view

Stephen Frost <sfrost@snowman.net> writes:
> * Tom Lane (tgl@sss.pgh.pa.us) wrote:
>> Essentially the argument for allowing this without a permissions check
>> is "I'm not really doing anything to the schema, just preconfiguring the
>> rights that will be attached to a new object if I later (successfully)
>> create one in this schema".

> Makes sense to me; if we were going to do something, I'd say a warning
> would be better, but I'm alright with nothing too.

Hm.  Throwing a NOTICE saying "btw, this won't be of any value until the
user has CREATE rights in that schema" might be a reasonable compromise.
        regards, tom lane

pgsql-hackers by date:

From: Greg Smith
Date: 07 June 2013, 19:56:04
Subject: Re: Cost limited statements RFC

From: Stephen Frost
Date: 07 June 2013, 19:59:50
Subject: Re: ALTER DEFAULT PRIVILEGES FOR ROLE is broken

Re: ALTER DEFAULT PRIVILEGES FOR ROLE is broken - Mailing list pgsql-hackers

Previous

Next