Re: [HACKERS] less privileged pl install - Mailing list pgsql-patches

From Tom Lane
Subject Re: [HACKERS] less privileged pl install
Date
Msg-id 2790.1169879570@sss.pgh.pa.us
Whole thread Raw
In response to Re: [HACKERS] less privileged pl install  (Jeremy Drake <pgsql@jdrake.com>)
Responses Re: [HACKERS] less privileged pl install  (Jeremy Drake <pgsql@jdrake.com>)
List pgsql-patches
Jeremy Drake <pgsql@jdrake.com> writes:
> The only difference from this is, that when superuser is required, the
> owner of the language is not the superuser who created it, but
> BOOTSTRAP_SUPERUSERID.  This is because my interpretation was that the
> "same behavior as currently" took precedence.  The current behavior in cvs
> is that languages have no owner, and for purposes where one would be
> needed it is assumed to be BOOTSTRAP_SUPERUSERID.

> Is this valid, or should I instead set the owner to GetUserId() in those
> cases?

I'd go with GetUserId() in the cases where you're not explicitly
assigning ownership to the datdba role.  AFAIR the assumption that
languages are owned by BOOTSTRAP_SUPERUSERID was just a kluge to use in
some bits of code that had to have a notion of a specific owner.  Now
in reality every superuser has the same privileges as every other one,
and so it doesn't matter much which one you use, but we might as well
record who actually did the deed.

            regards, tom lane

pgsql-patches by date:

Previous
From: "Pavan Deolasee"
Date:
Subject: Ctid chain following enhancement
Next
From: Jeremy Drake
Date:
Subject: Re: [HACKERS] less privileged pl install