* Alex Hunsaker (bada...@gmail.com) wrote: > On Wed, Jan 13, 2010 at 12:54, Tom Lane <t...@sss.pgh.pa.us> wrote: > > I'm a little worried by Stephen's plan, mainly because I'm concerned > > that it would lead to ALTER TABLE taking exclusive lock on a table long > > before it gets around to checking permissions. Still, that's just > > extending a window that exists now. > > Im of the opinion if we are going to be meddling with the permission > checks in this area one of the goals should be close or at least > tighten up that window. So you cant lock a table you dont have > permission to (either via LOCK or ALTER TABLE). (Ignoring the issues > of concurrent permission changes of course...)
Trying to minimize that makes the permissions checking a royal mess by
making it have to happen all over the place, after every little bit of
information is gathered. I'm not a fan of that because of both concerns
about making sure it's correct and actually matches our documention, as
well as any possibility of making it a pluggable framework. At the
moment, we're doing permissions checks on the main table before we even
know if the other tables referenced in the command exist. I don't think
we're talking about a serious difference in time here either, to be
honest.
Not to mention that if you don't have access to the schema, you wouldn't
be able to take a lock on the table at all, so I'm really not sure how
big a deal this is..
Thanks,
Stephen
signature.asc
Description: Digital signature
