| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Isaac Morland <isaac(dot)morland(at)gmail(dot)com> |
| Cc: | PostgreSQL Developers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Safety/validity of resetting permissions by updating system tables |
| Date: | 2021-01-01 16:44:08 |
| Message-ID: | 2525549.1609519448@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Isaac Morland <isaac(dot)morland(at)gmail(dot)com> writes:
> Is it safe and valid to reset to default permissions by doing
> UPDATE pg_namespace/pg_class/pg_type/pg_proc
> SET nspacl/relacl/typacl/proacl = NULL WHERE ... to accomplish this?
Not terribly; the main objection is you'd fail to update pg_shdepend.
> And what do people think, conceptually, of the notion of adding a command
> to do this without resorting to updating system tables directly?
I'm a little skeptical as to the use-case, particularly once you take
ALTER DEFAULT PRIVILEGES into account and try to figure out what that
means. If it means "apply the current default privileges", you could
easily be "resetting" to a state that never actually prevailed in the
past.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zhihong Yu | 2021-01-01 17:58:43 | Re: poc - possibility to write window function in PL languages |
| Previous Message | Zhihong Yu | 2021-01-01 16:06:15 | Re: [PATCH] postgres_fdw connection caching - cause remote sessions linger till the local session exit |