On Wed, Apr 29, 2015 at 8:20 PM, Alvaro Herrera
<alvherre@2ndquadrant.com> wrote:
>> Finally, you've got the idea of making pg_ a reserved prefix for
>> roles, adding some predefined roles, and giving them some predefined
>> privileges. That should be yet another patch.
>
> On this part I have a bit of a problem -- the prefix is not really
> reserved, is it. I mean, evidently it's still possible to create roles
> with the pg_ prefix ... otherwise, how come the new lines to
> system_views.sql that create the "predefined" roles work in the first
> place? I think if we're going to reserve role names, we should reserve
> them for real: CREATE ROLE should flat out reject creation of such
> roles, and the default ones should be created during bootstrap.
>
> IMO anyway.
This is exactly what I mean about needing separate discussion for
separate parts of the patch. There's so much different stuff in there
right now that objections like this won't necessarily come out until
it's far too late to change things around.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
