Re: Proposal for enhancements of privilege system - Mailing list pgsql-hackers

From Chris Bitmead
Subject Re: Proposal for enhancements of privilege system
Date
Msg-id 3929D582.9372C87D@nimrod.itg.telecom.com.au
In response to Proposal for enhancements of privilege system  (Peter Eisentraut <peter_e@gmx.net>)
Responses Re: Proposal for enhancements of privilege system  (Andreas Zeugswetter <andreas.zeugswetter@telecom.at>)
List pgsql-hackers
Peter Eisentraut wrote:

> pg_privilege (
>     priobj oid,
>     prigrantor oid,
>     prigrantee oid,
>     priaction char,
>     priisgrantable boolean,
> 
>     primary key (priobj, prigrantee, priaction)
> )
> 

I like it.

> The straightforward choice would be to store a single reference to
> pg_class when the privilege describes the whole table, and
> pg_attribute references when only specific columns are named. That
> would mean the lookup routine will first look for a pg_class.oid entry
> and, failing that, then for possible pg_attribute.oid entries for the
> columns that it's interested in. This is of course suboptimal when no
> privilege exists in the first place but that is not necessarily the case
> we're optimizing for.

Don't worry about performance for the access denied case. That is going
to be outweighed 1000:1 by the access allowed case. Go for the clean
solution.
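The two-step lookup discussed above, as an added example that is not part of the original message or of PostgreSQL's code. It loads the proposed pg_privilege layout into an in-memory SQLite database and counts lookups per decision. Assumptions: the OIDs and user ids are constructed, `'r'` is an assumed action code, `check_privilege` is a hypothetical helper, and a column-level check passes only if every requested column has an entry.

```python
import sqlite3

# Constructed sample values: OIDs and user ids are made up for illustration.
TABLE_OID = 1000                                      # stands in for pg_class.oid
COL_OID = {"id": 2001, "name": 2002, "salary": 2003}  # stands in for pg_attribute.oid
OWNER, ALICE, BOB, CAROL = 1, 10, 11, 12
SELECT = "r"                                          # assumed one-char action code

def make_catalog():
    """Build the proposed pg_privilege table in an in-memory SQLite database."""
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE pg_privilege (
        priobj oid, prigrantor oid, prigrantee oid,
        priaction char, priisgrantable boolean,
        PRIMARY KEY (priobj, prigrantee, priaction))""")
    db.executemany("INSERT INTO pg_privilege VALUES (?, ?, ?, ?, ?)", [
        (TABLE_OID, OWNER, ALICE, SELECT, 0),       # whole-table grant
        (COL_OID["id"], OWNER, BOB, SELECT, 0),     # column-level grants
        (COL_OID["name"], OWNER, BOB, SELECT, 0),
    ])
    return db

def check_privilege(db, grantee, action, table_oid, column_oids):
    """Return (allowed, lookups). Hypothetical helper, not a PostgreSQL function."""
    query = ("SELECT 1 FROM pg_privilege "
             "WHERE priobj = ? AND prigrantee = ? AND priaction = ?")
    lookups = 1
    if db.execute(query, (table_oid, grantee, action)).fetchone():
        return True, lookups                        # table-level entry covers every column
    for col in column_oids:                         # fall back to per-column entries
        lookups += 1
        if db.execute(query, (col, grantee, action)).fetchone() is None:
            return False, lookups                   # default deny on first missing column
    return bool(column_oids), lookups               # no columns named, no table grant: deny

if __name__ == "__main__":
    db = make_catalog()
    for user, cols in [(ALICE, ["salary"]), (BOB, ["id", "name"]),
                       (BOB, ["id", "salary"]), (CAROL, ["id"])]:
        oids = [COL_OID[c] for c in cols]
        print(user, cols, check_privilege(db, user, SELECT, TABLE_OID, oids))
```

The whole-table grant resolves in one lookup, while a user with no entries at all pays for the table lookup plus at least one column lookup before being denied.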

