From: | Mark Dilger <mark(dot)dilger(at)enterprisedb(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Joshua Brindle <joshua(dot)brindle(at)crunchydata(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Jeff Davis <pgsql(at)j-davis(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Joe Conway <joe(at)crunchydata(dot)com> |
Subject: | Re: Granting SET and ALTER SYSTE privileges for GUCs |
Date: | 2022-03-28 22:04:12 |
Message-ID: | D51DF8A9-8F7B-4195-96B7-311820E47BCD@enterprisedb.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> On Mar 28, 2022, at 2:54 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
> Yeah, I know it's *possible* to make this work. The question is why is
> it good to do it like this rather than to use the string API, now that
> we have the latter. AFAICS this way just guarantees that the hook must
> do a catalog lookup in order to figure out what you're talking about.
Ok, thanks for clarifying. I took the *HookStr versions of the hooks to be an alternative to be used when no Oid was present, something of a last resort. I never thought much about using them under other circumstances.
> The core point here is that the actual identity of a GUC is its name.
> Any OID that may exist in pg_parameter_acl is just a nonce alias that
> means nothing to anybody. Anyone who's trying to, say, enforce that
> Joe Blow can't change shared_buffers is going to need to see the GUC
> name. (I am, btw, busy doing a lot of renaming in the patch to try
> to clarify that these OIDs are not identifiers for GUCs; imagining
> that they are just risks confusion.)
I was about to write another patch using the HookStr form, but if you are already editing, then I'll let you make the change. I don't see a problem with what you are proposing.
—
Mark Dilger
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
From | Date | Subject | |
---|---|---|---|
Next Message | Andrew Dunstan | 2022-03-28 22:30:06 | Re: SQL/JSON: JSON_TABLE |
Previous Message | Tom Lane | 2022-03-28 21:54:28 | Re: Granting SET and ALTER SYSTE privileges for GUCs |