On Wed, Nov 29, 2017 at 7:42 PM, Stephen Frost <sfrost@snowman.net> wrote:
> Ashutosh,
>
> * Ashutosh Bapat (ashutosh.bapat@enterprisedb.com) wrote:
>> On Wed, Nov 29, 2017 at 4:56 AM, Stephen Frost <sfrost@snowman.net> wrote:
>> > The "global rethink" being contemplated seems to be more about
>> > authentication forwarding than it is about this specific change. If
>> > there's some 'global rethink' which is actually applicable to this
>> > specific deviation from the usual "use the view's owner for privilege
>> > checks", then it's unclear to me what that is.
>>
>> Global rethink may constitute other authentication methods like
>> certificate based authentication. But I am not clear about global
>> rethink in the context of owner privileges problem being discussed
>> here.
>
> Right, I'm all for an independent discussion about how we can have
> same-cluster or cross-cluster trust relationships set up to make it
> easier for users in one cluster/database to access tables in another
> that they should be allowed to, but that's a different topic from this.
>
> In other words, I think we're agreeing here. :)
Yes.
--
Best Wishes,
Ashutosh Bapat
EnterpriseDB Corporation
The Postgres Database Company
