Skip site navigation (1) Skip section navigation (2)

Re: [PATCHES] Users/Groups -> Roles

From: Fabien COELHO <coelho(at)cri(dot)ensmp(dot)fr>
To: Bruno Wolff III <bruno(at)wolff(dot)to>
Cc: PostgreSQL Developers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [PATCHES] Users/Groups -> Roles
Date: 2005-06-30 14:27:21
Message-ID: Pine.LNX.4.63.0506301618150.3461@sablons.cri.ensmp.fr (view raw or flat)
Thread:
Lists: pgsql-hackers
Dear Bruno,

>> The standard talks about 2 distinct concepts: USER and ROLE (4.34). I'm
>> not sure it is a good idea to drop the user concept to replace it by role.
>> If you do so, you may miss something about what roles are about.
>
> I think it is a good idea to make users synonymous with roles with
> regard to privileges. This will make checking for access simpler
> and mistakes less likely. The special part of being a user in addition
> to a role is that being a user allows for authentication.

There are two distinct issues : implementation and design/feature.

I'm arguing on the feature, as I wish per-catalog ROLEs, which cannot be
fused with per-cluster USERs.

I agree with you that the current implementation for a per-cluster role is 
very reasonnable or even witty. It just does not provide the feature I'm 
looking for, namely managing privileges locally to a database, without
interference from one database to another.

-- 
Fabien.

In response to

pgsql-hackers by date

Next:From: Stephen FrostDate: 2005-06-30 14:43:29
Subject: Re: [PATCHES] Users/Groups -> Roles
Previous:From: Ing. Jhon Carrillo - Caracas, VenezuelaDate: 2005-06-30 14:17:52
Subject: 3des functions?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group