Re: [GENERAL] column-level update privs + lock table

From: Josh Kupershmidt <schmiddy(at)gmail(dot)com>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, Simon Riggs <simon(at)2ndquadrant(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [GENERAL] column-level update privs + lock table
Date: 2010-11-30 14:07:31
Message-ID: AANLkTikZRh76EA0xv9Db=fxD+mVCzYBfpHb1YX4nctXm@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general pgsql-hackers

On Mon, Nov 29, 2010 at 10:06 PM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> On Mon, Nov 29, 2010 at 9:37 PM, Josh Kupershmidt <schmiddy(at)gmail(dot)com> wrote:
>> I actually hadn't thought of that, for some reason.
>>
>> We used to similarly recommend that people handle TRUNCATE privileges
>> with a security definer function. That doesn't mean GRANT TRUNCATE
>> wasn't a sweet addition to 8.4.
>
> Hmm, glad you like it (I wrote that).  I'm just asking how far we
> should go before we decide we catering to use cases that are too
> narrow to warrant an extension of the permissions system.

I am slightly opposed to adding GRANTs for LOCK TABLE, ANALYZE,
VACUUM, etc. The GRANT help page is long enough already, and I doubt
many users would use them, even though I might use GRANT LOCK TABLE
myself.

Josh

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Jonathan Vanasco 2010-11-30 15:21:40 how can i bugfix "idle in transaction" lockups ?
Previous Message Mark Felder 2010-11-30 13:50:10 Re: advise on performance issues please

Browse pgsql-hackers by date

  From Date Subject
Next Message David Fetter 2010-11-30 14:15:08 Re: Tab completion for view triggers in psql
Previous Message Rob Wultsch 2010-11-30 13:26:37 Re: DELETE with LIMIT (or my first hack)