| From: | Greg Stark <gsstark(at)mit(dot)edu> |
|---|---|
| To: | Josh Berkus <josh(at)agliodbs(dot)com> |
| Cc: | Jeff Davis <pgsql(at)j-davis(dot)com>, David Fetter <david(at)fetter(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: pre-proposal: permissions made easier |
| Date: | 2009-06-30 03:24:40 |
| Message-ID: | 407d949e0906292024o1cb50c2dg786e1906a262898a@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jun 30, 2009 at 1:51 AM, Josh Berkus<josh(at)agliodbs(dot)com> wrote:
>
>>It does
>> seems slightly silly since surely anyone creating a new object would
>> just paste in their grants from another object or some common source
>> anyways, but I suppose that's the way with convenience features.
>
> That works fine until you have 6 (or more) defined roles and a couple
> hundred objects, and are in a "agile" environment where the dev team is
> constantly adding objects which have the wrong permissions. That's whose
> problem I'm trying to solve (because they're my clients).
Well I don't understand how you get them wrong if you're just pasting
them from a file. I mean, sure you can pick the wrong template but
nothing can help you there. You could just as easily pick the wrong
template if it's a database feature instead of a text file.
"Agile" doesn't mean doing things without thinking about them :)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Josh Berkus | 2009-06-30 03:39:15 | Re: pre-proposal: permissions made easier |
| Previous Message | KaiGai Kohei | 2009-06-30 03:23:44 | Re: [PATCH] [v8.5] Security checks on largeobjects |