From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Dimitri Fontaine <dimitri(at)2ndQuadrant(dot)fr> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Getting rid of pg_pltemplate |
Date: | 2011-08-23 19:19:51 |
Message-ID: | 1918.1314127191@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Dimitri Fontaine <dimitri(at)2ndQuadrant(dot)fr> writes:
> Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> writes:
>> We'll add a new boolean parameter to extension control files, called say
>> "dba_create" (ideas for better names welcome). If it's missing or set
>> to false, there's no change in behavior. When it's true, then
>>
>> (a) you must be superuser or owner of the current database to create the
>> extension;
>>
>> (b) the commands within the extension's script will be run as though by a
>> superuser, even if you aren't one.
> That's called sudo on linux. I propose that we stick to such a name.
I'm not impressed with that name: it will mean nothing to Windows users,
nor for that matter to many non-sysadmin types on Unix.
> Do we want a more general SUDO facility in PostgreSQL? It would be, I
> guess, about the same thing as SET ROLE postgres;
Yeah, I think SET ROLE already covers that territory.
The point of the current proposal is to grant a very limited subset of
superuser privileges --- specifically, the right to install specific
extensions --- to database owners. Maybe it'd make sense to eliminate
the tie to database ownership and instead consider that you're allowed
to do this if you're a member of some predefined role, which then would
typically be GRANTed to database owners or other semi-trustworthy people.
But we don't currently have any predefined group roles like that, so
it'd be a rather large departure from past practice.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Christopher Browne | 2011-08-23 19:51:09 | Re: Getting rid of pg_pltemplate |
Previous Message | Alvaro Herrera | 2011-08-23 19:12:50 | Re: text search: restricting the number of parsed words in headline generation |