Re: First draft of the PG 15 release notes - Mailing list pgsql-hackers

From Bruce Momjian
Subject Re: First draft of the PG 15 release notes
Date
Msg-id YsxSXWSS90Yzqqwv@momjian.us
In response to Re: First draft of the PG 15 release notes  (Noah Misch <noah@leadboat.com>)
Responses Re: First draft of the PG 15 release notes
List pgsql-hackers
On Sat, Jul  9, 2022 at 08:19:41PM -0700, Noah Misch wrote:
> > I think you would need to say "previous behavior" since people might be
> > upgrading from releases before PG 14.  I also would change "In existing
> 
> I felt "previous behavior" was mildly ambiguous.  I've changed it to "the
> behavior of prior releases".

Sure.
> 
> > databases" to "For existing databases".  I think your big risk here is
> 
> Done.  New version attached.

I had trouble reading the sentences in the order you used so I
restructured it:

    The new default is one of the secure schema usage patterns that <xref
    linkend="ddl-schemas-patterns"/> has recommended since the security
    release for CVE-2018-1058.  The change applies to newly-created
    databases in existing clusters and for new clusters.  Upgrading a
    cluster or restoring a database dump will preserve existing permissions.
    
    For existing databases, especially those having multiple users, consider
    issuing <literal>REVOKE</literal> to adopt this new default.  For new
    databases having zero need to defend against insider threats, granting
    <literal>USAGE</literal> permission on their <literal>public</literal>
    schemas will yield the behavior of prior releases.

> > Is this something we want to get into in the release notes, or perhaps
> > do we need to link to a wiki page for these details?
> 
> No supported release has a wiki page link in its release notes.  We used wiki
> pages in the more-distant past, but I don't recall why.  I am not aware of
> wiki pages having relevant benefits.

I think the wiki was good if you needed a lot of release-specific text,
or if you wanted to adjust the wording after the release.

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  Indecision is a decision.  Inaction is an action.  Mark Batterson
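
The audit and REVOKE that the draft text above suggests for existing databases, as an added example that is not part of the original message or of the PostgreSQL release notes. It assumes the privilege being removed is CREATE on the public schema for the PUBLIC pseudo-role, which PostgreSQL 15 no longer grants in newly created databases; run it in each database as a superuser or as the schema owner.

```sql
-- Added example, not from the original message.
-- Step 1: audit. List every non-system schema and report whether the
-- PUBLIC pseudo-role (that is, every role in the cluster) may create
-- objects in it or look objects up in it. Passing the role name
-- 'public' to has_schema_privilege() checks the PUBLIC pseudo-role.
SELECT n.nspname                                            AS schema_name,
       pg_get_userbyid(n.nspowner)                          AS owner,
       has_schema_privilege('public'::name, n.oid, 'CREATE') AS public_can_create,
       has_schema_privilege('public'::name, n.oid, 'USAGE')  AS public_can_use,
       n.nspacl                                             AS raw_acl
FROM   pg_namespace AS n
WHERE  n.nspname !~ '^pg_'
  AND  n.nspname <> 'information_schema'
ORDER  BY n.nspname;

-- Step 2: adopt the new default in a database that was upgraded or
-- restored from a dump and therefore kept its old permissions.
BEGIN;

REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- Confirm the result before committing. Roles that still need to create
-- objects in the schema must now be granted CREATE individually.
SELECT has_schema_privilege('public'::name, 'public', 'CREATE')
       AS public_can_create;

COMMIT;
```

Permissions are stored per database, so the audit has to be repeated in every database of the cluster, including any template database that new databases are cloned from.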