| From: | Simon Riggs <simon(at)2ndQuadrant(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Privileges and inheritance |
| Date: | 2009-10-05 14:31:45 |
| Message-ID: | 1254753105.4691.163.camel@ebony.2ndQuadrant |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, 2009-10-05 at 10:14 -0400, Tom Lane wrote:
> Simon Riggs <simon(at)2ndQuadrant(dot)com> writes:
> > On Mon, 2009-10-05 at 13:06 +0300, Peter Eisentraut wrote:
> >> I don't see where the problem is here.
>
> > In your last post you said it was necessary to use ONLY to address the
> > required partitions and so setup would be weird. I am showing that this
> > is not required and the setup is smooth.
>
> Peter is right and you are wrong: this setup STILL needs ONLY, unless
> permissions are in sync with inheritance, ie, every child has the union
> of its parents' permissions. It would work at least as well under
> Peter's proposal as with the existing behavior.
What I proposed works, so perhaps we are talking about different things.
If you wish to see all data you grant access to parent_full, if you wish
to see recent data you grant access to parent_partial. The partitions
can then be given access to the various users.
--
Simon Riggs www.2ndQuadrant.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-10-05 14:32:53 | Re: Rules: A Modest Proposal |
| Previous Message | Tom Lane | 2009-10-05 14:19:05 | Re: Hot Standby on git |