From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Joel Jacobson <joel(at)compiler(dot)org>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Gabriele Bartolini <gabriele(dot)bartolini(at)enterprisedb(dot)com>, Magnus Hagander <magnus(dot)hagander(at)redpill-linpro(dot)com>, Maciek Sakrejda <m(dot)sakrejda(at)gmail(dot)com> |
Subject: | Re: Possibility to disable `ALTER SYSTEM` |
Date: | 2024-03-26 16:35:39 |
Message-ID: | ZgL5W5S3DFq9rmXm@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Tue, Mar 26, 2024 at 10:23:51AM -0400, Tom Lane wrote:
> Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> > On Mon, Mar 25, 2024 at 5:04 PM Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> >> To me, externally_managed_configuration is promising a lot more than it
> >> delivers because there is still a lot of ocnfiguration it doesn't
> >> control. I am also confused why the purpose of the feature, external
> >> management of configuation, is part of the variable name. We usually
> >> name parameters for what they control.
>
> > I actually agree with this. I wasn't going to quibble with it because
> > other people seemed to like it. But I think something like
> > allow_alter_system would be better, as it would describe the exact
> > thing that the parameter does, rather than how we think the parameter
> > ought to be used.
>
> +1. The overpromise-and-underdeliver aspect of the currently proposed
> name is a lot of the reason I've been unhappy and kept pushing for it
> to lock things down more. "allow_alter_system" is a lot more
> straightforward about exactly what it does, and if that is all we want
> it to do, then a name like that is good.
I am thinking "enable_alter_system_command" is probably good because we
already use "enable" so why not reuse that idea, and I think "command"
is needed because we need to clarify we are talking about the command,
and not generic altering of the system. We could use
"enable_sql_alter_system" if people want something shorter.
Will people think this allows non-root users to use ALTER SYSTEM if
enabled?
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com
Only you can decide what is important to you.
From | Date | Subject | |
---|---|---|---|
Next Message | Nathan Bossart | 2024-03-26 16:59:18 | Re: Slow GRANT ROLE on PostgreSQL 16 with thousands of ROLEs |
Previous Message | Nathan Bossart | 2024-03-26 16:34:49 | Re: pgsql: Allow using syncfs() in frontend utilities. |