| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Jeff Davis <pgsql(at)j-davis(dot)com> |
| Cc: | Josh Berkus <josh(at)agliodbs(dot)com>, David Fetter <david(at)fetter(dot)org>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: pre-proposal: permissions made easier |
| Date: | 2009-06-29 18:38:12 |
| Message-ID: | 17449.1246300692@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Jeff Davis <pgsql(at)j-davis(dot)com> writes:
> On Mon, 2009-06-29 at 10:52 -0700, Josh Berkus wrote:
>> 1) ALTER SCHEMA SET DEFAULT PRIVILEGES statements which sets default
>> permissions, by ROLE and object type, on new objects.
>>
>> 2) a statement to set privs on all existing objects by type and role
>> within a schema.
> I don't see why either of these things should be properties of the
> schema. It seems to make much more sense for these defaults to be a
> property of the user who creates the objects.
That seems fairly backwards to me. I agree that tying it to schemas
is a bit less flexible than one could wish, but that doesn't make
attaching it to the user the right thing.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-06-29 18:40:31 | Re: Query progress indication - an implementation |
| Previous Message | Joshua Tolley | 2009-06-29 18:33:59 | Re: Query progress indication - an implementation |