From: | Josh Kupershmidt <schmiddy(at)gmail(dot)com> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, Simon Riggs <simon(at)2ndquadrant(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: [GENERAL] column-level update privs + lock table |
Date: | 2010-11-30 14:07:31 |
Message-ID: | AANLkTikZRh76EA0xv9Db=fxD+mVCzYBfpHb1YX4nctXm@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general pgsql-hackers |
On Mon, Nov 29, 2010 at 10:06 PM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> On Mon, Nov 29, 2010 at 9:37 PM, Josh Kupershmidt <schmiddy(at)gmail(dot)com> wrote:
>> I actually hadn't thought of that, for some reason.
>>
>> We used to similarly recommend that people handle TRUNCATE privileges
>> with a security definer function. That doesn't mean GRANT TRUNCATE
>> wasn't a sweet addition to 8.4.
>
> Hmm, glad you like it (I wrote that). I'm just asking how far we
> should go before we decide we catering to use cases that are too
> narrow to warrant an extension of the permissions system.
I am slightly opposed to adding GRANTs for LOCK TABLE, ANALYZE,
VACUUM, etc. The GRANT help page is long enough already, and I doubt
many users would use them, even though I might use GRANT LOCK TABLE
myself.
Josh
From | Date | Subject | |
---|---|---|---|
Next Message | Jonathan Vanasco | 2010-11-30 15:21:40 | how can i bugfix "idle in transaction" lockups ? |
Previous Message | Mark Felder | 2010-11-30 13:50:10 | Re: advise on performance issues please |
From | Date | Subject | |
---|---|---|---|
Next Message | David Fetter | 2010-11-30 14:15:08 | Re: Tab completion for view triggers in psql |
Previous Message | Rob Wultsch | 2010-11-30 13:26:37 | Re: DELETE with LIMIT (or my first hack) |