Re: New default role- 'pg_read_all_data'
Stephen Frost <sfrost@snowman.net>
From: Stephen Frost <sfrost@snowman.net>
To: Gilles Darold <gilles@darold.net>
Cc: pgsql-hackers@lists.postgresql.org
Date: 2020-08-28T17:25:32Z
Lists: pgsql-hackers
Greetings, * Gilles Darold (gilles@darold.net) wrote: > Le 28/08/2020 à 16:52, Stephen Frost a écrit : > >Using an FDW will often also require having a user mapping and there's > >no way for that to be accomplished through only GRANT'ing a default > >role, so I don't think we should mix this specific role with the FDW > >permissions system. > > I'm fine with that, perhaps it should be mentioned in the documentation that > foreign tables are not covered by this role. We could say it doesn't GRANT CONNECT rights on databases, or EXECUTE on functions too, but that doesn't seem like a terribly good approach for the documentation to take- instead we document specifically what IS included, which seems sufficiently clear to me. Thanks, Stephen
Commits
-
docs: Add command tags for SQL commands
- 8f6c11034976 14.0 landed
- f01727290fe0 15.0 landed
-
Add pg_read_all_data and pg_write_all_data roles
- 6c3ffd697e22 14.0 landed