Re: Proposal for enhancements of privilege system

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Andreas Zeugswetter <andreas(dot)zeugswetter(at)telecom(dot)at>
Cc: PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Proposal for enhancements of privilege system
Date: 2000-05-29 17:11:49
Message-ID: Pine.LNX.4.21.0005291754030.359-100000@localhost.localdomain
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Andreas Zeugswetter writes:

> Imho this is an area where it does make sense to look at what other
> db's do, because it makes the toolwriters life so much easier if pg
> behaves like some other common db.

The defined interface to the privilege system is GRANT, REVOKE, and
"access denied" (and a couple of INFORMATION_SCHEMA views, eventually).
I don't see how other db's play into this.

> Other db's usually use a char array for priaction and don't have
> priisgrantable, but code it into priaction. Or they use a bitfield.
> This has the advantage of only producing one row per table.

That's the price I'm willing to pay for abstraction, extensibility, and
verifyability. But I'm open for better ideas.

--
Peter Eisentraut Sernanders väg 10:115
peter_e(at)gmx(dot)net 75262 Uppsala
http://yi.org/peter-e/ Sweden

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2000-05-29 17:23:49 Re: pg_* files are too large for empty database.
Previous Message Peter Eisentraut 2000-05-29 17:11:38 Configuration and build clean-up