| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | Joe Conway <mail(at)joeconway(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, "Hackers (PostgreSQL)" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: has_language_privilege returns incorrect answer for non-superuser |
| Date: | 2012-07-12 21:53:54 |
| Message-ID: | 12315.1342130034@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> As long as we're spending time on this, I'd propose getting rid of
> lanplistrusted, at least for access checking. Instead, just don't
> install USAGE privileges by default for those languages.
There's definitely something to that idea --- certainly lanpltrusted
dates from before we had a robust object-permissions system, and looks
like a bit of a wart now that we do have one.
I guess we could redefine the default privileges for languages as "none"
and then have the TRUSTED keyword mean to install public usage
privilege. Or maybe it would be safer for upgrade purposes if we kept
the default interpretation as-is and did an automatic REVOKE when
TRUSTED wasn't specified.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | mfwilson | 2012-07-12 22:16:18 | BUG #6733: All Tables Empty After pg_upgrade (PG 9.2.0 beta 2) |
| Previous Message | Peter Eisentraut | 2012-07-12 21:17:57 | Re: has_language_privilege returns incorrect answer for non-superuser |