Peter Eisentraut <pete...@gmx.net> writes:
> As long as we're spending time on this, I'd propose getting rid of
> lanplistrusted, at least for access checking. Instead, just don't
> install USAGE privileges by default for those languages.
There's definitely something to that idea --- certainly lanpltrusted
dates from before we had a robust object-permissions system, and looks
like a bit of a wart now that we do have one.
I guess we could redefine the default privileges for languages as "none"
and then have the TRUSTED keyword mean to install public usage
privilege. Or maybe it would be safer for upgrade purposes if we kept
the default interpretation as-is and did an automatic REVOKE when
TRUSTED wasn't specified.
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
