Re: Privileges on PUBLICATION
Euler Taveira <euler@eulerto.com>
From: "Euler Taveira" <euler@eulerto.com>
To: "Antonin Houska" <ah@cybertec.at>
Cc: "Amit Kapila" <amit.kapila16@gmail.com>,
"Peter Eisentraut" <peter.eisentraut@enterprisedb.com>,
"PostgreSQL Hackers" <pgsql-hackers@lists.postgresql.org>
Date: 2022-05-13T19:28:45Z
Lists: pgsql-hackers
On Fri, May 13, 2022, at 3:36 AM, Antonin Houska wrote: > Attached is my proposal. It tries to be more specific and does not mention the > absence of the privileges explicitly. You explained the current issue but say nothing about the limitation. This information will trigger a question possibly in one of the MLs. IMO if you say something like the sentence above at the end, it will make it clear why that setup expose all data (there is no access control to publications) and explicitly say there is a TODO here. Additional privileges might be added to control access to table data in a future version of <productname>PostgreSQL</productname>. I also wouldn't use the warning tag because it fits in the same category as the other restrictions listed in the page. -- Euler Taveira EDB https://www.enterprisedb.com/
Commits
-
Refactor ExecGrant_*() functions
- 369f09e420ef 16.0 cited
-
doc: Add note about lack of publication privileges
- 84387fc88944 16.0 landed