| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Joseph Nahmias <joe(at)nahmias(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: create database with template doesn't copy database ACL |
| Date: | 2020-06-15 03:24:56 |
| Message-ID: | 1092722.1592191496@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs pgsql-hackers |
Bruce Momjian <bruce(at)momjian(dot)us> writes:
> I am unclear if we should be copying the CONNECT and TEMPORARY
> attributes or documenting that CREATE DATABASE does not copy them.
We should absolutely not copy them.
As an example, it'd make sense for an admin to revoke CONNECT on a
template database, just to help ensure that nobody modifies it.
If that propagated to every created database, it would be a complete
fail.
Moreover, since the ACLs of an object depend quite a bit on who the owner
is, it'd make no sense to copy them to a new object that has a different
owner. The granted-by fields would be wrong, if nothing else.
In practice, CREATE DATABASE never has copied any database-level property
of the template DB, only its contents. (Well, I guess it copies encoding
and collation by default, but those are descriptive of the contents.)
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2020-06-15 03:39:34 | Re: create database with template doesn't copy database ACL |
| Previous Message | Bruce Momjian | 2020-06-15 03:11:02 | Re: create database with template doesn't copy database ACL |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2020-06-15 03:39:34 | Re: create database with template doesn't copy database ACL |
| Previous Message | Bruce Momjian | 2020-06-15 03:11:02 | Re: create database with template doesn't copy database ACL |