Re: fix and document CLUSTER privileges

From: Nathan Bossart <nathandbossart(at)gmail(dot)com>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc: Justin Pryzby <pryzby(at)telsasoft(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: fix and document CLUSTER privileges
Date: 2022-12-08 18:13:24
Message-ID: 20221208181324.GA4385@nathanxps13
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

On Thu, Dec 08, 2022 at 07:20:28AM -0500, Andrew Dunstan wrote:
> We should probably talk about what the privileges should be, though. I
> think there's a case to be made that CLUSTER should be governed by the
> VACUUM privileges, given how VACUUM FULL is now implemented.

SCHEMA|DATABASE|SYSTEM) require ownership of the relation or superuser. In
fact, all three use the same RangeVarCallbackOwnsTable() callback function.
My current thinking is that this is good enough. I don't sense any strong
demand for allowing database owners to run these commands on all non-shared
relations, and there's ongoing work to break out the privileges to GRANT
and predefined roles. However, I don't have a strong opinion about this.

If we do want to change the permissions model for CLUSTER, it might make
sense to change all three of the aforementioned commands to look more like

Nathan Bossart
Amazon Web Services:

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Nathan Bossart 2022-12-08 18:37:07 allow granting CLUSTER, REFRESH MATERIALIZED VIEW, and REINDEX
Previous Message Nathan Bossart 2022-12-08 17:15:03 Re: add \dpS to psql