Re: Postgres Permissions Article

From: Karsten Hilbert <Karsten(dot)Hilbert(at)gmx(dot)net>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: Postgres Permissions Article
Date: 2017-03-29 09:37:15
Message-ID: 20170329093714.56ol2l7wo6fxhvn7@hermes.hilbert.loc
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-general pgsql-hackers

On Tue, Mar 28, 2017 at 09:47:40AM -0700, Paul Jungwirth wrote:

> I wrote a blog post about the Postgres permissions system, and I thought I'd
> share:

> I also shared a few opinions amidst the facts (like that `USAGE` for schemas
> doesn't add much), so I am very pleased to have those challenged. You can
> consider them my own outstanding questions. I'd be especially grateful for
> any feedback there.

Not that I am an expert in any way but here's a thought on
why a permission on foreign key creation might be useful:

Being able to create foreign keys may allow to indirectly
discover whether certain values exists in a table which I
don't otherwise have access to (by means of failure or
success to create a judiciously crafted FK).

GPG key ID E4071346 @
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346

In response to


Browse pgsql-general by date

  From Date Subject
Next Message Andrus 2017-03-29 10:03:40 How to get correct local time
Previous Message Giuseppe Sacco 2017-03-29 07:25:08 Using relations in the SELECT part

Browse pgsql-hackers by date

  From Date Subject
Next Message Amit Kapila 2017-03-29 10:39:49 Re: [POC] A better way to expand hash indexes.
Previous Message Craig Ringer 2017-03-29 09:17:07 Re: Logical decoding on standby