Home > mailing lists

Re: Allow GRANT/REVOKE permissions to be applied to all schema objects with one command - Mailing list pgsql-hackers

From	Merlin Moncure
Subject	Re: Allow GRANT/REVOKE permissions to be applied to all schema objects with one command
Date	January 31, 2005 18:20:31
Msg-id	6EE64EF3AB31D5448D0007DD34EEB3412A75FA@Herge.rcsinc.local Whole thread Raw
In response to	Allow GRANT/REVOKE permissions to be applied to all schema objects with one command (Matthias Schmidt <schmidtm@mock-software.de>)
List	pgsql-hackers

Tree view

> Josh's last suggestion (ALL TABLES IN someschema) seems to me to be a
> reasonable compromise between usefulness, syntactic weirdness, and
> hiding implementation details.

Maybe it is not necessary to extend the syntax to distinguish between
the two cases.  Maybe it's worth considering to have newly created
tables/functions automatically 'GRANTED' with permissions set at the
schema level.  This could perhaps by guarded with GUC variable to
preserve compatibility with previous versions.  That way people like me
who prefer this behavior can just set security at the schema level which
is what we want.

In the event that the schema security changes, I don't mind having to
issue one of Matthias's beefed up GRANTS to get everything right.

This removes confusion and allows more freedom to tinker with the GRANT
sytax.  Plus, it makes having to mess with the system tables/views less
likely, IMO.

Merlin

pgsql-hackers by date:

From: Larry Rosenman
Date: 31 January 2005, 18:06:47
Subject: Re: [BUGS] Bug in create operator and/or initdb

From: Alvaro Herrera
Date: 31 January 2005, 18:22:13
Subject: Re: Two-phase commit for 8.1

Re: Allow GRANT/REVOKE permissions to be applied to all schema objects with one command - Mailing list pgsql-hackers

Previous

Next