List:       pgsql-hackers
Subject:    Re: [HACKERS] Additional role attributes && superuser review
From:       Alvaro Herrera <alvherre () 2ndquadrant ! com>
Date:       2015-11-30 19:44:30
Message-ID: 20151130194430.GB2763 () alvherre ! pgsql

Stephen Frost wrote:
> * Robert Haas (robertmhaas@gmail.com) wrote:

> > > I can think of a use-case for a user who can call pg_switch_xlog, but
> > > not pg_start_backup()/pg_stop_backup(), but I have to admit that it
> > > seems rather limited and I'm on the fence about it being a worthwhile
> > > distinction.
> > 
> > Sounds too narrow to me.  Are we going to have a separate predefined
> > role for every security-restricted function to which someone might
> > want to grant access?  That seems over the top to me.
> 
> I certainly don't want to go down to that level and was, as seen above,
> unsure about having pg_switch_xlog() as a differentiated privilege.
> Michael, do you still see that as a useful independent capability?

Hmm, Robert's argument seems reasonable -- we can continue to offer
access to individual elements by granting execute on a security-definer
function owned by predefined user pg_backup.

-- 
Álvaro Herrera                http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
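
The security-definer approach described in the message above, as an added example (not code from this thread or from the PostgreSQL project). It assumes the proposed predefined role pg_backup exists and is itself permitted to call pg_switch_xlog(); the schema backup_api, the wrapper backup_api.switch_xlog() and the role wal_switcher are hypothetical names, and the script is run as a superuser.

```sql
-- Added example. Assumptions: pg_backup is the predefined role proposed in
-- this thread and may call pg_switch_xlog(); backup_api, switch_xlog() and
-- wal_switcher are hypothetical names. Run as a superuser.
BEGIN;  -- one transaction, so the wrapper is never briefly PUBLIC-executable

CREATE ROLE wal_switcher NOLOGIN;   -- grantee that only needs to switch WAL
CREATE SCHEMA backup_api;

-- Thin wrapper: exposes exactly one operation and takes no arguments.
CREATE FUNCTION backup_api.switch_xlog()
RETURNS pg_lsn
LANGUAGE sql
SECURITY DEFINER
-- Pin search_path so nothing in the body can resolve to objects in a
-- caller-controlled schema while running with the owner's privileges.
SET search_path = pg_catalog, pg_temp
AS $$ SELECT pg_catalog.pg_switch_xlog() $$;

-- The wrapper executes with the privileges of its owner.
ALTER FUNCTION backup_api.switch_xlog() OWNER TO pg_backup;

-- Functions are executable by PUBLIC by default; remove that first.
REVOKE ALL ON FUNCTION backup_api.switch_xlog() FROM PUBLIC;
GRANT USAGE ON SCHEMA backup_api TO wal_switcher;
GRANT EXECUTE ON FUNCTION backup_api.switch_xlog() TO wal_switcher;

COMMIT;

-- Audit: owner, SECURITY DEFINER flag, pinned settings and the ACL.
SELECT p.proname,
       r.rolname   AS owner,
       p.prosecdef AS security_definer,
       p.proconfig AS pinned_settings,
       p.proacl    AS acl
FROM pg_catalog.pg_proc p
JOIN pg_catalog.pg_roles r ON r.oid = p.proowner
WHERE p.oid = 'backup_api.switch_xlog()'::regprocedure;

-- wal_switcher gets the wrapper only; it is not a member of pg_backup.
SELECT has_function_privilege('wal_switcher',
                              'backup_api.switch_xlog()', 'EXECUTE')
           AS can_call_wrapper,
       pg_has_role('wal_switcher', 'pg_backup', 'MEMBER')
           AS is_pg_backup_member;
```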

