Re: Open 7.3 items
Bruce Momjian <pgman@candle.pha.pa.us>
From: Bruce Momjian <pgman@candle.pha.pa.us>
To: Bruce Momjian <pgman@candle.pha.pa.us>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Lamar Owen <lamar.owen@wgcr.org>, Vince Vielhaber <vev@michvhf.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2002-08-15T15:54:17Z
Lists: pgsql-hackers
Attachments
- (unnamed) (text/plain)
OK, no one complained/commented on my idea of having global users have a trailing '@', so here is a patch that implements that. It has the advantages of: no special install user (create global user before enabling feature) no /data/PG_INSTALLER file allows multiple global users to be easily added no namespace collisions because globals have a trailing @ easy for postmaster to recognize global users no double-user lookups of pg_pwd changes very small patch footprint The only downside is that it treats '@' as a special character when it is enabled, but frankly, because we are appending @dbname anyway, having '@' as a special character in that case makes sense. Comments? --------------------------------------------------------------------------- Bruce Momjian wrote: > Tom Lane wrote: > > Bruce Momjian <pgman@candle.pha.pa.us> writes: > > > I don't know where else to go with the patch at this point. I think > > > increasing the number of 'global' users is polluting the namespace too > > > much, > > > > Why? If the installation needs N global users, then it needs N global > > users; who are you to make that value judgment for them? > > > > In practice I think an installation that's using this feature is going > > to have a pretty small number of global users, and so the issue of > > collisions with local usernames isn't really as big as it's been painted > > in this thread. We could ignore that issue (except for documenting it) > > and have a perfectly serviceable feature. > > The original idea was that Marc wanted people who could create their own > users for their own databases. If we make the creation of global users > too easy, all of a sudden people don't have control over their db > usernames because they have to avoid all the global user names already > defined. By adding multiple global users, it is diluting the usefulness > of the feature. > > I suppose a pg_global_users file would be a compromise because only the > admin could actually add people to that file. If it was more automatic, > like writing pg_shadow, someone could create a user without an @ and > block access for other users to other database, which is bad. > > I still don't like the fact that people think they have control over > their db namespace, when they really don't, but no one else seems to see > that as a problem. The namespace conflicts just yell of poor design. > > OK, I have another idea. What if we make global users end with an @, so > dave@ is a global user. We can easily check for that in the postmaster > and not append the dbname. I know it makes @ a special character, but > considering the problem of namespace collision, it seems better than > what we have now. We could add the install user too if we wish, or just > tell them to make sure they add a user@ before turning on the feature. > > -- > Bruce Momjian | http://candle.pha.pa.us > pgman@candle.pha.pa.us | (610) 359-1001 > + If your life is a hard drive, | 13 Roberts Road > + Christ can be your backup. | Newtown Square, Pennsylvania 19073 > > ---------------------------(end of broadcast)--------------------------- > TIP 6: Have you searched our list archives? > > http://archives.postgresql.org > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073