* Peter Eisentraut (pete...@gmx.net) wrote:
> On 3/3/15 5:58 PM, Tom Lane wrote:
> > One aspect of this that merits some thought is that in some cases
> > access to some set of functions is best granted as a unit.  That's
> > easy with role properties but much less so with plain GRANT.
> > Do we have enough such cases to make it an issue?
> You could have built-in roles, such as "backup" and ship the system with
> the "backup" role having permissions on some functions.  And then users
> are granted those roles.  Similar to how some Linux systems ship with
> groups such as "adm".

One thought I had for this was a contrib module which added an extension
to create and grant those roles.  That approach would mean that we don't
need to worry about upgrade-path problems which we could get into if we
declared new roles like 'backup' which users might already have.

An alternative approach which might be better, now that I think about
it, would be to declare that the 'pg_' prefix applies to roles too and
then have a 'pg_backup' role which is granted the correct permissions.
Personally, I like that idea a lot..

We could then have pg_upgrade throw an error and pg_dump a warning (or
something along those lines) if they find any existing roles with that



Attachment: signature.asc
Description: Digital signature

Reply via email to