| From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Josh Berkus <josh(at)agliodbs(dot)com>, Joseph Adams <joeyadams3(dot)14159(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Proposal: access control jails (and introduction as aspiring GSoC student) |
| Date: | 2010-03-24 00:10:43 |
| Message-ID: | 20100324001043.GD3240@alvh.no-ip.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane escribió:
> Alvaro Herrera <alvherre(at)commandprompt(dot)com> writes:
> > Robert Haas escribi:
> >> But roles aren't database-specific... they're globals.
>
> > Well, that's another longstanding request ;-) (See the
> > db_user_namespace hack)
>
> Yeah, you'd have to fix that first. The "ambitious" part of that is
> coming up with a spec that everybody will accept. Once you had that,
> coding it might not be very hard ...
I wonder if this is simpler now that we got rid of the flat files stuff.
We could validate the user once we've connected to a database and thus
able to poke at the local user catalog, not just the global one. I
think that was a serious roadblock.
--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2010-03-24 00:16:07 | Re: Proposal: access control jails (and introduction as aspiring GSoC student) |
| Previous Message | Bruce Momjian | 2010-03-23 23:43:47 | booleans in recovery.conf |