On Sat, Oct 31, 2015 at 12:16:31AM +0100, Robert Haas wrote: > On Thu, Oct 29, 2015 at 10:31 PM, David Fetter <da...@fetter.org> wrote: > > Had this been part of the original ALTER DEFAULT PRIVILEGES patch, > > those privileges would simply have been applied. Since it wasn't, I'm > > ass-u-me'ing that changing the default behavior to that is going to > > cause (possibly legitimate) anxiety. > > The word "applied" is not very clear here. You want to revoke all > existing privileges and then regrant whatever the default privileges > would have been given the new owner? That might be a reasonable thing > to have a command for, but doing it automatically on an owner change > does not sound like a good idea. That could be very surprising > behavior.
OK, so I think there are operationally useful use cases for mix'n'match of the following: - Clear all existing DEFAULT PRIVILEGES - Preserve DEFAULT PRIVILEGES from the previous owner - Apply DEFAULT PRIVILEGES for the new owner Are there others? I suspect we could get some lift out of CREATE ... OWNER ... which would then Do The Right Thing™ with respect at least to initial creation without having to be connected as that role. Cheers, David. -- David Fetter <da...@fetter.org> http://fetter.org/ Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter Skype: davidfetter XMPP: david.fet...@gmail.com Remember to vote! Consider donating to Postgres: http://www.postgresql.org/about/donate -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
