On Tue, Dec 18, 2012 at 12:09:10PM -0500, Peter Eisentraut wrote: > There are some system administration functions that have hardcoded > superuser checks, specifically: > > pg_reload_conf > pg_rotate_logfile > pg_read_file > pg_read_file_all > pg_read_binary_file > pg_read_binary_file_all > pg_stat_file > pg_ls_dir > > Some of these are useful in monitoring or maintenance tools, and the > hardcoded superuser checks require that these tools run with maximum > privileges. Couldn't we just install these functions without default > privileges and allow users to grant privileges as necessary?
+1. You can already use a SECURITY DEFINER wrapper, so I don't think this opens any particular floodgate. GRANT is a nicer interface. However, I would not advertise this as a replacement for wrapper functions until pg_dump can preserve ACL changes to pg_catalog objects. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
