Re: New default role- 'pg_read_all_data'
Stephen Frost <sfrost@snowman.net>
From: Stephen Frost <sfrost@snowman.net>
To: Magnus Hagander <magnus@hagander.net>
Cc: PostgreSQL Developers <pgsql-hackers@lists.postgresql.org>
Date: 2020-08-28T12:38:48Z
Lists: pgsql-hackers
Greetings, * Magnus Hagander (magnus@hagander.net) wrote: > Without having actually looked at the code, definite +1 for this feature. > It's much requested... Thanks. > But, should we also have a pg_write_all_data to go along with it? Perhaps, but could certainly be a different patch, and it'd need to be better defined, it seems to me... read_all is pretty straight-forward (the general goal being "make pg_dumpall/pg_dump work"), what would write mean? INSERT? DELETE? TRUNCATE? ALTER TABLE? System catalogs? Doesn't seem like you could just declare it to be 'allow pg_restore' either, as that might include creating untrusted functions, et al. Thanks, Stephen
Commits
-
docs: Add command tags for SQL commands
- 8f6c11034976 14.0 landed
- f01727290fe0 15.0 landed
-
Add pg_read_all_data and pg_write_all_data roles
- 6c3ffd697e22 14.0 landed