| From: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: document the dangers of granting TRIGGER or REFERENCES |
| Date: | 2026-07-14 16:57:56 |
| Message-ID: | alZqlOr0RCIvizUW@nathan |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jul 14, 2026 at 10:35:38AM -0400, Robert Haas wrote:
> On Tue, Jul 14, 2026 at 10:24 AM Nathan Bossart
> <nathandbossart(at)gmail(dot)com> wrote:
>> +1. I wonder if we should promote these to <note> or even <warning>.
>> While I'm hesitant to pepper the docs with too many more of those, this
>> seems like the sort of thing we don't want users to miss.
>
> I'm not going to fight you on that tooth and nail if you really want
> to do it that way, but I don't see much point. The paragraphs to which
> I propose to add this information are currently just one sentence long
> each, and with this patch they will be two sentences each. Probably we
> don't need markup for people to notice the second sentence.
WFM. I'm not particularly opinionated on the matter.
> Also, while there may very well be people who have legitimately been
> unpleasantly surprised by the actual behavior here, an awful lot of
> the "people" currently discovering the situation here are in fact just
> looking for a way to manufacture a security report. As long as we have
> a statement of some kind in the docs, we can just point to that. It
> doesn't need to be particularly prominent -- although I'm not trying
> to conceal it, either. I didn't find a more natural place to mention
> this than where I actually put it.
True.
--
nathan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2026-07-14 17:14:15 | Re: document the dangers of granting TRIGGER or REFERENCES |
| Previous Message | Alberto Piai | 2026-07-14 16:50:53 | Re: Allow progress tracking of sub-commands |