On 2016/09/07 12:29, Corey Huinker wrote: > On Tue, Sep 6, 2016 at 9:46 PM, Amit Langote wrote: >> OK. > Well...maybe not, depending on what Craig and other can do to educate me > about the TAP tests.
Sure. >>> Changing table-level options requires superuser privileges, for security >>> reasons: only a superuser should be able to determine which file is read, >>> or which program is run. In principle non-superusers could be allowed to >>> change the other options, but that's not supported at present. >> >> Hmm, just a little modification would make it better for me: >> >> ... for security reasons. For example, only superuser should be able to >> determine which file read or which program is run. >> >> Although that could be just me. > > In this case "determine" is unclear whether a non-superuser can set the > program to be run, or is capable of knowing which program is set to be run > by the fdw. Hmm, it is indeed unclear. How about: ... for security reasons. For example, only superuser should be able to *change* which file is read or which program is run. I just realized this is not just about a C comment. There is a line in documentation as well which needs an update. Any conclusion here should be applied there. > We may want some more opinions on what is the most clear. Certainly. >> But as you said above, this could be deferred to the committer. >> > > Yeah, and that made for zero storage savings: a char pointer which is never > assigned a string takes up as much space as a 4-byte-aligned boolean. And > the result is that "file" really means program, which I found slightly > awkward. My only intent to push for that approach is to have consistency with other code implementing a similar feature although it may not be that important. Thanks, Amit -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers