Re: pre-proposal: permissions made easier

From: Jeff Davis <pgsql(at)j-davis(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: pre-proposal: permissions made easier
Date: 2009-06-28 18:36:25
Message-ID: 1246214185.23359.41.camel@jdavis
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Sun, 2009-06-28 at 14:32 -0400, Tom Lane wrote:
> Jeff Davis <pgsql(at)j-davis(dot)com> writes:
> > My idea is to have a "GRANT mask":
> > CREATE ROLE foo_ro GRANT (SELECT ON TABLE, USAGE ON SCHEMA) FROM foo;
>
> You haven't really explained what "foo" is here. If it's a single
> object then I don't think this offers any leverage. If it's a
> placeholder or class representative of some kind, then maybe, but
> in that case you've entirely failed to convey the point ...
>

I meant for "foo" to be a user. "foo_ro" would be the read-only version,
who has a strict subset of foo's permissions.

Regards,
Jeff Davis

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2009-06-28 18:56:57 Re: pre-proposal: permissions made easier
Previous Message Tom Lane 2009-06-28 18:32:07 Re: pre-proposal: permissions made easier