On Mon, Jan 30, 2017 at 5:33 AM, Simon Riggs <si...@2ndquadrant.com> wrote: > I would call these "super privileges". > > Peter suggests that we have a much more flexible structure for > super-privileges. > > In Peter's model, Tom's suggestion woud be to grant all of these > automatically to database owners. > GRANT ALL ON ALL TABLES TO $user > GRANT ALL ON ALL SEQUENCES TO $user > GRANT ALL ON ALL FUNCTIONS TO $user > > Either of them would be good for me, as long as we implement the rule > as Tom suggests that this would never apply to objects owned by a > superuser.
I like Peter's model better, or more precisely Stephen's suggestion of doing this via some default roles. Tom's model breaks backward compatibility in a security-sensitive way, and it doesn't generalize to things like wanting a user who can read everything but who has no elevated write privileges. The idea of having predefined roles called pg_read_anything, pg_write_anything, etc. seems quite elegant and very powerful, and nobody's existing permissions structure has to change unless they so desire. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers