Petr Jelinek napsal(a):
Robert Haas napsal(a):I'm going to reiterate what I suggested upthread... let's let the default, global default ACL contain the hard-wired privileges, instead of making them hardwired. Then your objects will get those privileges not because they are hard-wired, but because you haven't changed yourglobal default ACL to not contain them.That's somewhat how I implemented it although not just on global level but in any single filter, what we now have as defaults (before this patch) is used as template for default acls and you can revoke it. You just can't revoke anything you granted anywhere in the default acls chain.
Reminds me I forgot to adjust the docs. Attached patch fixes that (no other changes).
-- Regards Petr Jelinek (PJMODOS)
defacl-2009-10-02.diff.gz
Description: Unix tar archive
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
