Skip site navigation (1) Skip section navigation (2)

Re: pre-proposal: permissions made easier

From: Greg Stark <gsstark(at)mit(dot)edu>
To: Josh Berkus <josh(at)agliodbs(dot)com>
Cc: Jeff Davis <pgsql(at)j-davis(dot)com>, David Fetter <david(at)fetter(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: pre-proposal: permissions made easier
Date: 2009-06-29 19:53:54
Message-ID: 407d949e0906291253h2a429d66p14cfd6330da37c10@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-hackers
On Mon, Jun 29, 2009 at 7:41 PM, Josh Berkus<josh(at)agliodbs(dot)com> wrote:
> The main reason is existing practice.

I haven't followed the entire conversation so i'm not sure who I'm
going to be disagreeing with or agreeing with here. But I wanted to
mention that existing practice may not be a very useful place to start
here. Whatever mechanism we invent is going to change the calculus of
people deciding how to set up their schemas and roles since they'll
want to arrange things to take advantage of this new mechanism.

In particular, one early question was whether to use wildcard patterns
or schema names. People were saying wildcard patterns would be more
flexible because people don't always set up their objects in different
schemas. But if we had a mechanism someone wanted to use which
depended on schemas they would be far more likely to choose to set up
schemas for objects which belong in different security classes.

-- 
greg
http://mit.edu/~gsstark/resume.pdf

In response to

Responses

pgsql-hackers by date

Next:From: Josh BerkusDate: 2009-06-29 20:02:46
Subject: Re: pre-proposal: permissions made easier
Previous:From: Josh BerkusDate: 2009-06-29 19:42:50
Subject: Re: pre-proposal: permissions made easier

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group