| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Gilles Darold <gilles(at)darold(dot)net> |
| Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: New default role- 'pg_read_all_data' |
| Date: | 2020-08-28 17:25:32 |
| Message-ID: | 20200828172532.GD29590@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Greetings,
* Gilles Darold (gilles(at)darold(dot)net) wrote:
> Le 28/08/2020 à 16:52, Stephen Frost a écrit :
> >Using an FDW will often also require having a user mapping and there's
> >no way for that to be accomplished through only GRANT'ing a default
> >role, so I don't think we should mix this specific role with the FDW
> >permissions system.
>
> I'm fine with that, perhaps it should be mentioned in the documentation that
> foreign tables are not covered by this role.
We could say it doesn't GRANT CONNECT rights on databases, or EXECUTE on
functions too, but that doesn't seem like a terribly good approach for
the documentation to take- instead we document specifically what IS
included, which seems sufficiently clear to me.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2020-08-28 17:29:16 | Re: Allow ERROR from heap_prepare_freeze_tuple to be downgraded to WARNING |
| Previous Message | Peter Geoghegan | 2020-08-28 16:54:42 | Re: Clang UndefinedBehaviorSanitize (Postgres14) Detected undefined-behavior |