Skip site navigation (1) Skip section navigation (2)

Re: pre-proposal: permissions made easier

From: Greg Stark <gsstark(at)mit(dot)edu>
To: Josh Berkus <josh(at)agliodbs(dot)com>
Cc: Jeff Davis <pgsql(at)j-davis(dot)com>, David Fetter <david(at)fetter(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: pre-proposal: permissions made easier
Date: 2009-06-30 03:24:40
Message-ID: 407d949e0906292024o1cb50c2dg786e1906a262898a@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-hackers
On Tue, Jun 30, 2009 at 1:51 AM, Josh Berkus<josh(at)agliodbs(dot)com> wrote:
>
>>It does
>> seems slightly silly since surely anyone creating a new object would
>> just paste in their grants from another object or some common source
>> anyways, but I suppose that's the way with convenience features.
>
> That works fine until you have 6 (or more) defined roles and a couple
> hundred objects, and are in a "agile" environment where the dev team is
> constantly adding objects which have the wrong permissions.  That's whose
> problem I'm trying to solve (because they're my clients).

Well I don't understand how you get them wrong if you're just pasting
them from a file. I mean, sure you can pick the wrong template but
nothing can help you there. You could just as easily pick the wrong
template if it's a database feature instead of a text file.

"Agile" doesn't mean doing things without thinking about them :)

-- 
greg
http://mit.edu/~gsstark/resume.pdf

In response to

Responses

pgsql-hackers by date

Next:From: Josh BerkusDate: 2009-06-30 03:39:15
Subject: Re: pre-proposal: permissions made easier
Previous:From: KaiGai KoheiDate: 2009-06-30 03:23:44
Subject: Re: [PATCH] [v8.5] Security checks on largeobjects

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group