| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Cc: | Simon Riggs <simon(at)2ndquadrant(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Superowners |
| Date: | 2017-01-30 00:44:45 |
| Message-ID: | 20170130004445.GQ9812@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Peter Eisentraut (peter(dot)eisentraut(at)2ndquadrant(dot)com) wrote:
> On 1/26/17 1:25 PM, Simon Riggs wrote:
> > That should include the ability to dump all objects, yet without any
> > security details. And it should allow someone to setup logical
> > replication easily, including both trigger based and new logical
> > replication. And GRANT ON ALL should work.
>
> This basically sounds like a GRANT $privilege ON ALL $objecttype TO
> $user. So you could have a user that can read everything, for example.
>
> This kind of thing has been asked for many times, but that quieted down
> when the default privileges feature appeared. I think it would still be
> useful.
Agreed. I would think we'd either do this with a default role or a role
attribute.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | vinayak | 2017-01-30 01:20:27 | Re: Transactions involving multiple postgres foreign servers |
| Previous Message | Andres Freund | 2017-01-29 23:45:30 | Re: [PATCH] Rename pg_switch_xlog to pg_switch_wal |