Re: pgsql: Fix search_path to a safe value during maintenance operations.
Jeff Davis <pgsql@j-davis.com>
From: Jeff Davis <pgsql@j-davis.com>
To: "David G. Johnston" <david.g.johnston@gmail.com>
Cc: Noah Misch <noah@leadboat.com>, Tom Lane <tgl@sss.pgh.pa.us>, Jeff Davis
<jdavis@postgresql.org>, "pgsql-committers@lists.postgresql.org"
<pgsql-committers@lists.postgresql.org>, Laurenz Albe
<laurenz.albe@cybertec.at>
Date: 2023-06-13T20:55:13Z
Lists: pgsql-hackers
On Tue, 2023-06-13 at 13:22 -0700, David G. Johnston wrote: > This is the specific (first?) message I am recalling. > > https://www.postgresql.org/message-id/A737B7A37273E048B164557ADEF4A58B53803F5A%40ntex2010i.host.magwien.gv.at The most objection seems to be expressed most succinctly in this message: https://www.postgresql.org/message-id/16134.1456767564%40sss.pgh.pa.us "if we allow non-owners to run ANALYZE, they'd be able to mess things up by setting the stats target either much lower or much higher than the table owner expected" I have trouble seeing much of a problem here if there is an explicit MAINTAIN privilege. If you grant someone MAINTAIN to someone, it's not surprising that you need to coordinate maintenance-related settings with that user; and if you don't, then it's not surprising that the statistics could get messed up. Perhaps the objections in that thread were because the proposal involved inferring the privilege to ANALYZE from other privileges, rather than having an explicit MAINTAIN privilege? Regards, Jeff Davis
Commits
-
Fix search_path to a safe value during maintenance operations.
- 2af07e2f749a 17.0 landed
- 05e173735171 16.0 cited
-
Revert MAINTAIN privilege and pg_maintain predefined role.
- 957445996fda 16.0 landed
- 151c22deee66 17.0 landed
-
Add grantable MAINTAIN privilege and pg_maintain role.
- 60684dd834a2 16.0 cited
-
Revoke PUBLIC CREATE from public schema, now owned by pg_database_owner.
- b073c3ccd06e 15.0 cited