On Wed, Mar 28, 2018 at 9:56 PM, David G. Johnston <david.g.johns...@gmail.com> wrote:
> On Wed, Mar 28, 2018 at 6:38 PM, Isaac Morland <isaac.morl...@gmail.com> wrote:
>> One question I would have is: what proposals exist or have existed for
>> additional privilege bits? How much pressure is there to use some of the
>> remaining bits? I actually looked into the history of the permission bits
>> and found that we can summarize and approximate the history as 10 years of
>> expansion from 4 to 12, then nothing added in the last 10 years.
>
> I made an argument for an "ANALYZE" grant a little while back, and it kinda
> leads one to want one for VACUUM as well.

Yeah, and FWIW, I think that's a totally reasonable request, as is this one. The problem is that our authentication model seems to have been designed under the assumption that there weren't all that many different things you might want to separately GRANT, and the requests we've had over the years show that this isn't the case. So the request is reasonable; it's just hard to implement.

I think we should somehow move to a system where there's a set of "core" permissions that are identified by bits for efficiency, and a set of "extended" permissions which are identified by names for extensibility. Things like VACUUM and ANALYZE and REFRESH could be extended permissions. To handle the on-disk issue, I think we could introduce a new varlena type that's like aclitem but permits extra variable-length data at the end. It would be a different data type but pretty easy to convert back and forth. Still probably a lot of work to make it happen, though, unfortunately.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
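
The layout proposed in the message above (core privileges as bits, extended privileges as names in a variable-length tail), sketched as an added example; it is not code from the original message or from PostgreSQL. The `XAclItem` struct, the `xacl_*` functions, the bit values and the fixed 64-byte tail standing in for the variable-length part are all hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical core bits; illustrative values, not PostgreSQL's AclMode. */
#define XACL_SELECT (1u << 0)
#define XACL_INSERT (1u << 1)

/* Hypothetical entry: fixed header plus a tail of NUL-terminated names,
 * e.g. "ANALYZE\0REFRESH\0". ext[] stands in for the variable-length part. */
typedef struct {
    uint32_t grantee, core_bits;
    uint16_t ext_len;                /* bytes of ext[] in use */
    char     ext[64];
} XAclItem;

/* Legacy -> extended conversion: same bits, empty tail. */
XAclItem xacl_from_legacy(uint32_t grantee, uint32_t bits) {
    XAclItem it = { grantee, bits, 0, {0} };
    return it;
}

/* A core privilege check stays a single mask test. */
bool xacl_has_core(const XAclItem *it, uint32_t bit) {
    return (it->core_bits & bit) == bit;
}

/* An extended check walks the tail and denies on any malformed length. */
bool xacl_has_ext(const XAclItem *it, const char *name) {
    size_t off = 0;
    if (it->ext_len > sizeof it->ext) return false;
    while (off < it->ext_len) {
        const char *p = it->ext + off;
        const char *end = memchr(p, '\0', it->ext_len - off);
        if (end == NULL) return false;          /* unterminated entry */
        if (strcmp(p, name) == 0) return true;
        off += (size_t)(end - p) + 1;
    }
    return false;
}

/* Grant by name: rejects empty names and overflow, idempotent on repeats. */
bool xacl_grant_ext(XAclItem *it, const char *name) {
    size_t n = strlen(name);
    if (n == 0) return false;
    if (xacl_has_ext(it, name)) return true;
    if (it->ext_len + n + 1 > sizeof it->ext) return false;
    memcpy(it->ext + it->ext_len, name, n + 1);
    it->ext_len += (uint16_t)(n + 1);
    return true;
}
```
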