From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Gilles Darold <gilles(at)darold(dot)net> |
Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
Subject: | Re: New default role- 'pg_read_all_data' |
Date: | 2020-08-28 17:25:32 |
Message-ID: | 20200828172532.GD29590@tamriel.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Greetings,
* Gilles Darold (gilles(at)darold(dot)net) wrote:
> Le 28/08/2020 à 16:52, Stephen Frost a écrit :
> >Using an FDW will often also require having a user mapping and there's
> >no way for that to be accomplished through only GRANT'ing a default
> >role, so I don't think we should mix this specific role with the FDW
> >permissions system.
>
> I'm fine with that, perhaps it should be mentioned in the documentation that
> foreign tables are not covered by this role.
We could say it doesn't GRANT CONNECT rights on databases, or EXECUTE on
functions too, but that doesn't seem like a terribly good approach for
the documentation to take- instead we document specifically what IS
included, which seems sufficiently clear to me.
Thanks,
Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | Andres Freund | 2020-08-28 17:29:16 | Re: Allow ERROR from heap_prepare_freeze_tuple to be downgraded to WARNING |
Previous Message | Peter Geoghegan | 2020-08-28 16:54:42 | Re: Clang UndefinedBehaviorSanitize (Postgres14) Detected undefined-behavior |