[PATCHES] CATALOG/NOCATALOG for new users
This is a preliminary patch - don't commit it. What this patch adds are the CATALOG and NOCATALOG clauses to the CREATE USER and ALTER USER commands. These clauses affect the usecatupd column. This makes it easy to create superusers who cannot manually modify columns (a very nasty power...) These days, Postgres's built-in command set can do everything you need to to (except disable triggers and delete all the users...), so I don't see why people who have the power to create users should also have the power to munge your entire db server. There are a few problems that need thinking about, and I would like comments on how to address them: 1. Should we only allow users who currently hold the catalog perm to grant it to others? I think yes, since otherwise a regular superuser can create themselves another account with the catalog priv. 2. Restoring a dump (or dumpall more specifically perhaps) now requires that the restoring user is more than just a superuser, they must also hold the catalog priv. This is why: DELETE FROM pg_shadow WHERE usesysid (SELECT datdba FROM pg_database WHERE datname = 'template0'); And also this: -X disable-triggers 3. Upgrading from previous postgres will not give their old superusers back their catalog privilege, unless they dump with 7.5's pg_dump. Comments? Chris ? GNUmakefile ? config.log ? config.status ? configure.lineno ? src/Makefile.global ? src/backend/postgres ? src/backend/access/common/.deps ? src/backend/access/gist/.deps ? src/backend/access/hash/.deps ? src/backend/access/heap/.deps ? src/backend/access/index/.deps ? src/backend/access/nbtree/.deps ? src/backend/access/rtree/.deps ? src/backend/access/transam/.deps ? src/backend/bootstrap/.deps ? src/backend/catalog/.deps ? src/backend/catalog/pg_location.c ? src/backend/catalog/postgres.bki ? src/backend/catalog/postgres.description ? src/backend/commands/.deps ? src/backend/executor/.deps ? src/backend/lib/.deps ? src/backend/libpq/.deps ? src/backend/main/.deps ? src/backend/nodes/.deps ? src/backend/optimizer/geqo/.deps ? src/backend/optimizer/path/.deps ? src/backend/optimizer/plan/.deps ? src/backend/optimizer/prep/.deps ? src/backend/optimizer/util/.deps ? src/backend/parser/.deps ? src/backend/port/.deps ? src/backend/postmaster/.deps ? src/backend/regex/.deps ? src/backend/rewrite/.deps ? src/backend/storage/buffer/.deps ? src/backend/storage/file/.deps ? src/backend/storage/freespace/.deps ? src/backend/storage/ipc/.deps ? src/backend/storage/large_object/.deps ? src/backend/storage/lmgr/.deps ? src/backend/storage/page/.deps ? src/backend/storage/smgr/.deps ? src/backend/tcop/.deps ? src/backend/utils/.deps ? src/backend/utils/adt/.deps ? src/backend/utils/cache/.deps ? src/backend/utils/error/.deps ? src/backend/utils/fmgr/.deps ? src/backend/utils/hash/.deps ? src/backend/utils/init/.deps ? src/backend/utils/mb/.deps ? src/backend/utils/mb/conversion_procs/conversion_create.sql ? src/backend/utils/mb/conversion_procs/ascii_and_mic/.deps ? src/backend/utils/mb/conversion_procs/ascii_and_mic/libascii_and_mic.so.0 ? src/backend/utils/mb/conversion_procs/cyrillic_and_mic/.deps ? src/backend/utils/mb/conversion_procs/cyrillic_and_mic/libcyrillic_and_mic.so.0 ? src/backend/utils/mb/conversion_procs/euc_cn_and_mic/.deps ? src/backend/utils/mb/conversion_procs/euc_cn_and_mic/libeuc_cn_and_mic.so.0 ? src/backend/utils/mb/conversion_procs/euc_jp_and_sjis/.deps ? src/backend/utils/mb/conversion_procs/euc_jp_and_sjis/libeuc_jp_and_sjis.so.0 ? src/backend/utils/mb/conversion_procs/euc_kr_and_mic/.deps ? src/backend/utils/mb/conversion_procs/euc_kr_and_mic/libeuc_kr_and_mic.so.0 ? src/backend/utils/mb/conversion_procs/euc_tw_and_big5/.deps ? src/backend/utils/mb/conversion_procs/euc_tw_and_big5/libeuc_tw_and_big5.so.0 ? src/backend/utils/mb/conversion_procs/latin2_and_win1250/.deps ? src/backend/utils/mb/conversion_procs/latin2_and_win1250/liblatin2_and_win1250.so.0 ? src/backend/utils/mb/conversion_procs/latin_and_mic/.deps ? src/backend/utils/mb/conversion_procs/latin_and_mic/liblatin_and_mic.so.0 ? src/backend/utils/mb/conversion_procs/utf8_and_ascii/.deps ? src/backend/utils/mb/conversion_procs/utf8_and_ascii/libutf8_and_ascii.so.0 ? src/backend/utils/mb/conversion_procs/utf8_and_big5/.deps ? src/backend/utils/mb/conversion_procs/utf8_and_big5/libutf8_and_big5.so.0 ? src/backend/utils/mb/conversion_procs/utf8_and_cyrillic/.deps ? src/backend/utils/mb/conversion_procs/utf8_and_cyrillic/libutf8_and_cyrillic.so.0 ? src/backend/utils/mb/conversion_procs/utf8_and_euc_cn/.deps ? src/backend/utils/mb/conversion_procs/utf8_and_euc_cn/libutf8_and_euc_cn.so.0 ? src/backend/utils/mb/conversion_procs/utf8_and_euc_jp/.deps ? src/backend/utils/mb/conversion_procs/utf8_and_euc_jp/libutf8_and_euc_jp.so.0 ? src/backend/utils/mb/conversion_procs/utf8_and_euc_kr/.deps ? src/backend/utils/mb/conversion_procs/utf8_and_euc_kr/libutf8_and_euc_kr.so.0 ? src/backend/utils/mb/conversion_procs/utf8_and_euc_tw/.deps ?
Re: [PATCHES] Doc patch--clarifying $1 in PL/PgSQL
Tom Lane wrote: Jan Wieck [EMAIL PROTECTED] writes: Tom Lane wrote: Not that hard ... just requires replacing some special-purpose code with general-purpose code ... Does that code cause the variables value to change from function call to function call (what most users would expect if they give it a default value based on a call argument), or will remember the value from the first function call for the lifetime of the backend? I believe it will evaluate the DEFAULT expression on each entry to the block, using the current values of outer-block variables (and also variables declared earlier in the same block, if anyone cared to use that behavior). The code was already designed and documented to evaluate DEFAULT expressions on each block entry --- what it was missing was the ability to reference variables in these expressions. Do you see something wrong with it? No, I just didn't test it yet. My only concern was that it could be another unexpected behaviour related to caching values/plans. Unexpected caching is what most likely becomes FAQ's and I think we have enough of those. Jan -- #==# # It's easier to get forgiveness for being wrong than for being right. # # Let's break this rule - forgive me. # #== [EMAIL PROTECTED] # ---(end of broadcast)--- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
Re: [PATCHES] CATALOG/NOCATALOG for new users
Christopher Kings-Lynne [EMAIL PROTECTED] writes: 1. Should we only allow users who currently hold the catalog perm to grant it to others? I think yes, since otherwise a regular superuser can create themselves another account with the catalog priv. That brings up the whole business of just how super is a superuser, and does it even make sense to try to design a not quite superuser protection state. I'm not convinced that the usecatupd flag is so well thought out that we should expose it for general use without some consideration of alternative designs. As an example, it might make more sense to create a separate flag bit that simply grants the ability to add and delete users (non-superusers, presumably), with none of the other attributes of a superuser. If I recall your original concern properly, this would be a safer facility for what you wanted to accomplish. 3. Upgrading from previous postgres will not give their old superusers back their catalog privilege, unless they dump with 7.5's pg_dump. Only if you make it default to NOCATALOG, which is highly debatable in my mind, since it is non-backwards-compatible. regards, tom lane ---(end of broadcast)--- TIP 4: Don't 'kill -9' the postmaster
Re: [PATCHES] fork/exec patch: pgstat + BootstrapMain
Patch applied. Thanks. --- Claudio Natoli wrote: For application to HEAD, pending community review. Continued rearrangement to permit pgstat + BootstrapMain processes to be fork/exec'd, in the same mode as the previous patch for backends. Cheers, Claudio --- Certain disclaimers and policies apply to all email sent from Memetrics. For the full text of these disclaimers and policies see a href=http://www.memetrics.com/emailpolicy.html;http://www.memetrics.com/em ailpolicy.html/a [ Attachment, skipping... ] ---(end of broadcast)--- TIP 6: Have you searched our list archives? http://archives.postgresql.org -- Bruce Momjian| http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup.| Newtown Square, Pennsylvania 19073 ---(end of broadcast)--- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
