| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Josh Berkus <josh(at)agliodbs(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: db_user_namespace a "temporary measure" |
| Date: | 2014-03-12 07:22:06 |
| Message-ID: | CABUevEzSx1=_bPEpuhg4-7rwPeVDNwX6YJA3VGXfMKm_hASBwg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mar 12, 2014 1:46 AM, "Josh Berkus" <josh(at)agliodbs(dot)com> wrote:
>
> On 03/11/2014 06:57 AM, Tom Lane wrote:
> > Mind you, I wouldn't be unhappy to see it go away; it's a kluge and
always
> > has been. I'm just expecting lots of push-back if we try. And it's
kind
> > of hard to resist push-back when you don't have a substitute to offer.
>
> Yeah, what we really need is encapsulated per-DB users and local
> superusers. I think every agrees that this is the goal, but nobody
> wants to put in the work to implement a generalized solution.
>
Encapsulated would probably be the doable part. But local superuser? Given
that a superuser can load and run binaries, how would you propose you
restrict that superuser from doing anything they want? And if you don't
need that functionality, then hows it really different from being the
database owner?
/Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Albe Laurenz | 2014-03-12 08:19:41 | Re: The case against multixact GUCs |
| Previous Message | Amit Kapila | 2014-03-12 06:53:11 | Re: Patch: show relation and tuple infos of a lock to acquire |