Alvaro Herrera wrote:
> Tom Lane wrote:
>> KaiGai Kohei <kaigai@kaigai.gr.jp> writes:
>>> BTW, currently, the default ACL of largeobject allows anything for owner
>>> and nothing for world. Do you have any comment for the default behavior?
>> Mph. I think the backlash will be too great. You have to leave the
>> default behavior the same as it is now, ie, world access.
>
> BTW as a default it is pretty bad. Should we have a GUC var to set the
> default LO permissions?
It seems to me a reasonable idea in direction.
However, it might be better to add a GUC variable to turn on/off LO
permission feature, not only default permissions.
It allows us to control whether the privilege mechanism should perform
in backward compatible, or not.
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>