Re: type privileges and default privileges

* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> > On Thu, Nov 10, 2011 at 3:17 PM, Peter Eisentraut <peter_e(at)gmx(dot)net> wrote:
> >> No, I'm pondering having pg_default_acl initialized so that newly
> >> created types have explicit USAGE privileges in their typacl column, so
> >> acldefault() wouldn't be needed. (And builtin types would have their
> >> typacl initialized analogously.) I suppose this is how we might have
> >> done it if we had invented ALTER DEFAULT PRIVILEGES first.
>
> > I'm not convinced. That's a lot of catalog clutter for no benefit.
>
> To actually get rid of acldefault, we'd have to do that not only for
> types but for all objects with ACLs. That's a LOT of catalog bulk,
> and like Robert I'm not seeing much benefit. It's not unreasonable
> to want the typical case to be small and fast.

A LOT of catalog bulk..? Am I missing something here? Aren't we just
talking about 16 bytes, or so, per catalog entry? On one of my larger
databases, with ~250k catalog records, we're talking about 4MB. That
catalog is currently 130MB. An empty database has, what, 5000 objects?
That'd be ~80KB?

My thought would be to have a place where we keep what the 'default
default' ACL is for each object type (yes, with the idea that it could
be modified, I'd see that as a nice feature and I don't think we need
to worry, as much, about performance of DDL..) and then we populate the
ACL for each created object with the 'default default' ACL. Perhaps we
integrate this with the existing default permissions system.. This
isn't a new idea to me, to be honest..

Thanks,

Stephen