| From: | Chao Li <li(dot)evan(dot)chao(at)gmail(dot)com> |
|---|---|
| To: | Shlok Kyal <shlok(dot)kyal(dot)oss(at)gmail(dot)com> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Improve documentation of publication privilege checks |
| Date: | 2025-12-23 09:16:47 |
| Message-ID: | 9BDFA95D-9DCE-46D1-80EA-71528F8B3A01@gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On Dec 23, 2025, at 16:59, Shlok Kyal <shlok(dot)kyal(dot)oss(at)gmail(dot)com> wrote:
>
> Hi Hackers,
>
> While reviewing the Security section of the logical replication
> documentation, I felt that the description of privilege requirements
> for publications is ambiguous, and clarity could be improved by
> explicitly mentioning the associated SQL syntax. Thoughts?
>
> Thanks,
> Shlok Kyal
> <v1-0001-Improve-documentation-of-publication-privilege-ch.patch>
I have no objection to this patch. Just the new phrase sounds a little redundant as “FOR TABLES IN SCHEMA” is mentioned twice back-to-back. I tried to rephrase like:
```
To create a publication that automatically publishes objects using
<literal>FOR ALL TABLES</literal>,
<literal>FOR ALL SEQUENCES</literal>, or
<literal>FOR TABLES IN SCHEMA</literal>, the user must be a superuser.
Likewise, adding tables using <literal>TABLES IN SCHEMA</literal> with
<command>ALTER PUBLICATION</command> requires superuser privileges.
To add individual tables to a publication, the user must have ownership rights on the table.
```
I am open if you accept my suggestion or try to enhance the phrase on your own.
Best regards,
--
Chao Li (Evan)
HighGo Software Co., Ltd.
https://www.highgo.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alena Vinter | 2025-12-23 09:33:30 | Re: Startup PANIC on standby promotion due to zero-filled WAL segment |
| Previous Message | Shlok Kyal | 2025-12-23 08:59:03 | Improve documentation of publication privilege checks |