Re: Monitoring roles patch

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Mark Dilger <hornschnorter(at)gmail(dot)com>
Cc: Dave Page <dpage(at)pgadmin(dot)org>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Monitoring roles patch
Date: 2017-03-28 18:29:09
Message-ID: 20170328182909.GH9812@tamriel.snowman.net
Lists: pgsql-hackers

Greetings,

* Mark Dilger (hornschnorter(at)gmail(dot)com) wrote:
> The inability to revoke access to this sort of information being proposed
> makes me a bit uneasy.

What data are you concerned about, specifically?

> Mostly, I think, I'm bothered because there may
> be people who have revoked privileges on a lot of things, thereby restricting
> access to superuser, who won't necessarily notice this new feature in
> postgres 10. That could be a source of security holes that we get blamed
> for.

There is no access granted by adding this role without an admin granting
access to this role to some other user. If they make incorrect
assumptions about what granting access to this role means then I'm
afraid that's their issue, not ours.

> Please note that I'm not specifically opposed to this work, and see a lot
> of merit here. I'm just thinking about unintended consequences.

Certainly, good to think of, but I don't believe there's a concern here.

Thanks!

Stephen
