Re: pre-proposal: permissions made easier - Mailing list pgsql-hackers

From Greg Stark
Subject Re: pre-proposal: permissions made easier
Date
Msg-id 407d949e0906292024o1cb50c2dg786e1906a262898a@mail.gmail.com
Whole thread Raw
In response to Re: pre-proposal: permissions made easier  (Josh Berkus <josh@agliodbs.com>)
Responses Re: pre-proposal: permissions made easier
Re: pre-proposal: permissions made easier
List pgsql-hackers
On Tue, Jun 30, 2009 at 1:51 AM, Josh Berkus<josh@agliodbs.com> wrote:
>
>>It does
>> seems slightly silly since surely anyone creating a new object would
>> just paste in their grants from another object or some common source
>> anyways, but I suppose that's the way with convenience features.
>
> That works fine until you have 6 (or more) defined roles and a couple
> hundred objects, and are in a "agile" environment where the dev team is
> constantly adding objects which have the wrong permissions.  That's whose
> problem I'm trying to solve (because they're my clients).

Well I don't understand how you get them wrong if you're just pasting
them from a file. I mean, sure you can pick the wrong template but
nothing can help you there. You could just as easily pick the wrong
template if it's a database feature instead of a text file.

"Agile" doesn't mean doing things without thinking about them :)

--
greg
http://mit.edu/~gsstark/resume.pdf


pgsql-hackers by date:

Previous
From: KaiGai Kohei
Date:
Subject: Re: [PATCH] [v8.5] Security checks on largeobjects
Next
From: Josh Berkus
Date:
Subject: Re: pre-proposal: permissions made easier