From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>, Bruce Momjian <bruce(at)momjian(dot)us>, Abhijit Menon-Sen <ams(at)oryx(dot)com>, Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Jaime Casanova <systemguards(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Extending grant insert on tables to sequences |
Date: | 2008-09-04 00:03:54 |
Message-ID: | 9627.1220486634@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-patches |
Stephen Frost <sfrost(at)snowman(dot)net> writes:
> * Jaime Casanova (jcasanov(at)systemguards(dot)com(dot)ec) wrote:
>> updating the patch with one that only extends inserts. though, i
>> haven't look at the col level privs patch yet.
> At least initially I wasn't planning to support column-level privileges
> for sequences, so I don't think it will affect you much. Do people
> think it makes sense to try and support that?
USAGE certainly wouldn't be column-level in any case --- it'd be a
privilege on the sequence as such. That end of it isn't the problem;
the problem is that column-level privileges on the table make it hard to
decide when to grant rights on the sequence, as I pointed out last time
round:
http://archives.postgresql.org/pgsql-hackers/2008-07/msg00624.php
> As your patch appears more ready-for-commit than the column-level
> privileges patch, I wouldn't worry about what code might have to move
> around, that'll be for me to deal with in a re-sync with HEAD once your
> patch is committed.
I think that's backwards. The above message raises serious concerns
about whether the USAGE-granting patch can be implemented at all in the
presence of column-level privileges. I think the right thing is to get
column privileges in and then see if it's possible to implement
USAGE-granting compatibly. I don't want to commit a patch that is
clearly going to be broken when (not if) column privileges arrive.
I note also that no response was given to my worries about pg_dump
behavior.
In short, this patch isn't much more ready to commit than it was
in the last fest.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Stephen Frost | 2008-09-04 00:30:52 | Re: pg_dump roles support |
Previous Message | Alvaro Herrera | 2008-09-04 00:01:33 | Re: [PATCH] Cleanup of GUC units code |
From | Date | Subject | |
---|---|---|---|
Next Message | Stephen Frost | 2008-09-04 00:41:41 | Re: Extending grant insert on tables to sequences |
Previous Message | Andrew Chernow | 2008-09-03 22:10:53 | Re: libpq events patch |