| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | Noah Misch <noah(at)leadboat(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Magnus Hagander <magnus(at)hagander(dot)net>, "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com> |
| Subject: | Re: public schema default ACL |
| Date: | 2020-11-02 10:51:28 |
| Message-ID: | acc9d639-d329-7cfd-edf1-196a51e264df@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2020-10-31 17:35, Noah Misch wrote:
> Overall, that's 3.2 votes for (b)(3)(X) and 0.0 to 1.0 votes for changing
> nothing. That suffices to proceed with (b)(3)(X). However, given the few
> votes and the conspicuous non-responses, work in this area has a high risk of
> failure. Hence, I will place it at a low-priority position in my queue.
My vote would also be (b)(3)(X). Allowing the database owner to manage
the public schema within their database makes a lot of sense,
independent of any overarching goals.
I'm not convinced, however, that this would would really move the needle
in terms of the general security-uneasiness about the public schema and
search paths. AFAICT, in any of your proposals, the default would still
be to have the public schema world-writable and in the path.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Heikki Linnakangas | 2020-11-02 10:57:58 | Re: [patch] [doc] Add SELECT clause literals to queries section headers |
| Previous Message | Amit Kapila | 2020-11-02 10:41:40 | Re: [HACKERS] logical decoding of two-phase transactions |