| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | Michael Fuhr <mike(at)fuhr(dot)org> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Proposal: GRANT cascade to implicit sequences |
| Date: | 2004-10-13 16:25:14 |
| Message-ID: | 20041013162514.GA10883@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Oct 13, 2004 at 00:37:35 -0600,
Michael Fuhr <mike(at)fuhr(dot)org> wrote:
> Comments? Can anybody think of why cascading GRANT and REVOKE to
> implicit sequences might be A Bad Idea?
Since you can do odd things using explicit sequences, limiting implicit
sequences to make things convenient in the common case seems like a
reasonable goal.
If you go that route it may be a good idea to not allow direct grants and
revokes on implicit sequences and just have their access rights derived from
the tables.
I also think there is some merit in splitting the access rights for nextval
and setval, so that insert access grants access to nextval and update access
grants access to setval (or perhaps both nextval and setval). That way people
who can just insert in the table can't set the sequence number backwards.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robin Ericsson | 2004-10-13 16:27:20 | Re: [PERFORM] query problem |
| Previous Message | Tino Wildenhain | 2004-10-13 16:04:01 | Re: Commit / Rollback in PL/pgSQL ? |