From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | David G Johnston <david(dot)g(dot)johnston(at)gmail(dot)com> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Proposal: two new role attributes and/or capabilities? |
Date: | 2014-12-23 19:04:20 |
Message-ID: | 20141223190420.GN3062@tamriel.snowman.net |
Lists: | pgsql-hackers |

* David G Johnston (david(dot)g(dot)johnston(at)gmail(dot)com) wrote:
> I'd rather there be better, more user friendly, SQL-based APIs to the
> permissions system that would facilitate performing and reviewing grants.

This would be *really* nice, I agree. I've heard tale of people writing
functions that go through the catalog based on a given user and spit
back everything that they have permissions to. Would be really nice if
we had those kinds of functions built-in.

> If something like IMPERSONATE was added I would strongly suggest a
> corresponding "[NO]IMPERSONATE" for CREATE USER so that the admin can make
> specific roles unimpersonable - and also make SUPERUSER roles unimpersonable
> by rule.

I agree that this would be necessary.. but strikes me as less of a
complete solution than what the existing pg_auth_members approach grants
you.

Perhaps a better idea would be to simply make the bouncer unnecessary by
having an in-PG connection pooler type of system. That's been discussed
previously and shot down but it's still one of those things that's on my
wish-list for PG.

Thanks,

Stephen