On 11/1/21, 9:51 AM, "Stephen Frost" <sfr...@snowman.net> wrote: > I don't really buy off on the "because it's been around a long time" as > a reason to invent a predefined role for an individual command that > doesn't take any options and could certainly just be a function. > Applications developed to run as a superuser aren't likely to magically > start working because they were GRANT'd this one additional predefined > role either but likely would need other changes anyway.
I suspect the CHECKPOINT command wouldn't be removed anytime soon, either. I definitely understand the desire to avoid changing something that's been around a long time, but I think a function fits better in this case. > All that said, I wonder if we can have our cake and eat it too. I > haven't looked into this at all yet and perhaps it's foolish on its > face, but, could we make CHECKPOINT; basically turn around and just run > select pg_checkpoint(); with the regular privilege checking happening? > Then we'd keep the existing syntax working, but if the user is allowed > to run the command would depend on if they've been GRANT'd EXECUTE > rights on the function or not. I'd be worried about the behavior of CHECKPOINT changing because someone messed with the function. Nathan
