po 22. 8. 2022 v 9:33 odesílatel Julien Rouhaud <rjuju123@gmail.com> napsal:
Hi Pavel,
On Sun, Aug 21, 2022 at 09:54:03AM +0200, Pavel Stehule wrote: > > should be fixed now
I started reviewing the patchset, beginning with 0001 (at least the parts that don't substantially change later) and have a few comments.
- you define new AclMode READ and WRITE. Those bits are precious and I don't think it's ok to consume 2 bits for session variables, especially since those are the last two bits available since the recent GUC access control patch (ACL_SET and ACL_ALTER_SYSTEM). Maybe we could existing INSERT and UPDATE privileges instead, like it's done for sequences?
I have not a strong opinion about it. AclMode is uint32 - so I think there are still 15bites reserved. I think so UPDATE and SELECT rights can work, but maybe it is better to use separate rights WRITE, READ to be stronger signalized so the variable is not the relation. On other hand large objects use ACL_UPDATE, ACL_SELECT too, and it works. So I am neutral in this question. Has somebody here some opinion on this point? If not I'll modify the patch like Julien proposes.