and...@dunslane.net (Andrew Dunstan) writes:
> Jeff Davis wrote:
>> On Mon, 2009-06-29 at 12:55 -0400, Tom Lane wrote:
>>
>>> I think it has to be looked at in comparison to more general
>>> prospective-permissions schemes;
>>
>> When I searched google for "prospective permissions", all I found were
>> links to messages in this thread ;)
>>
>> Can you refer me to a general prospective-permissions scheme that is
>> more widely accepted? Being more widely accepted also has the benefit
>> that users will feel more comfortable with the behavior.
>
> Think of MySQL's wildcard permissions. They apply to any object
> whether that object is created before or after the rule is set,
> AIUI. That means the wildcard pattern is applied at the time the
> permission rule is referenced, rather than when the rule is created,
> thus applying it prospectively.
>
> It's a feature many users would like to have, although, as Tom rightly
> points out, it can be a bit of a footgun if used carelessly.
I'll point out, "for posterity", that way back in yesteryear, TOPS-10
(introduced in 1967) had a "declarative permissioning" system for file
access that resembles this.

The best description I'm aware of is the following:
http://lkml.org/lkml/1999/2/5/2

A FILDAE config file for a particular user might look like the following:

  # anything in a directory named "private" is off limits
  */private/*:*:*:*:

  # people in group "foo" get full (create, delete, read, write,
  # execute) access to everything in the foo project directory
  ~/projects/foo/*:*:foo:*:cdrwx

  # people playing mygame can update the high score file
  ~/mygame/score.dat:*:*: ~/mygame/bin/mygame:rw

  # some friends have access to the RCS files for mygame
  ~/mygame/src/RCS/*:dennis,kevin,josh:*: /usr/bin/ci:rw
  ~/mygame/src/RCS/*:dennis,kevin,josh:*: /usr/bin/co:rw

  # I'll put stuff I want everyone to read in my ~/public directory
  # I'll make the public directory 744, so no one will actually have
  # to check .access_list, but I'll still put in this entry for completeness
  ~/public/*:*:*:*:r

  # anything left over gets no access
  *:*:*:*:

This obviously isn't notably SQL-like, but that's not the point :-).

--
"cbbrowne","@","cbbrowne.com" http://www3.sympatico.ca/cbbrowne/lisp.html
Ubuntu is an ancient African word, meaning "can't configure Debian"

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
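The thread's point about "prospective" permissions (the wildcard is evaluated when access is checked, not when the rule is written, so objects created later are covered) can be made concrete with a small evaluator for an access list in the FILDAE style quoted above. This is an added illustration, not code from the post, from FILDAE or from TOPS-10. It assumes the field layout path-pattern:users:groups:programs:permissions as read from the sample, assumes first matching rule wins (consistent with the catch-all deny placed last in the sample), expands a leading ~ against a caller-supplied home directory, and matches the program field by exact path. The sample access list is constructed here, adapted from the rules in the post.

```python
"""Evaluate FILDAE-style declarative access rules (illustrative example)."""
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import List

# Constructed sample, adapted from the access list quoted in the post.
# Assumed layout: path-pattern:users:groups:programs:permissions
SAMPLE_ACCESS_LIST = """\
# anything in a directory named "private" is off limits
*/private/*:*:*:*:
# people in group "foo" get full access to the foo project directory
~/projects/foo/*:*:foo:*:cdrwx
# people playing mygame can update the high score file
~/mygame/score.dat:*:*:~/mygame/bin/mygame:rw
# some friends have access to the RCS files for mygame
~/mygame/src/RCS/*:dennis,kevin,josh:*:/usr/bin/ci:rw
~/mygame/src/RCS/*:dennis,kevin,josh:*:/usr/bin/co:rw
# world-readable area
~/public/*:*:*:*:r
# anything left over gets no access
*:*:*:*:
"""


@dataclass
class Rule:
    path: str            # glob over the object path (evaluated at check time)
    users: List[str]     # user names, or ["*"]
    groups: List[str]    # group names, or ["*"]
    programs: List[str]  # accessing program paths, or ["*"]
    perms: str           # permission letters; empty string means no access


def _expand_home(value: str, home: str) -> str:
    """Assumption: a leading '~' denotes the list owner's home directory."""
    return home + value[1:] if value.startswith("~") else value


def parse_rules(text: str, home: str) -> List[Rule]:
    """Parse an access list, skipping blank lines and '#' comments."""
    rules: List[Rule] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) != 5:
            raise ValueError(f"malformed rule: {raw!r}")
        path, users, groups, programs, perms = fields
        rules.append(Rule(
            path=_expand_home(path, home),
            users=users.split(","),
            groups=groups.split(","),
            programs=[_expand_home(p, home) for p in programs.split(",")],
            perms=perms,
        ))
    return rules


def _field_matches(allowed: List[str], value: str) -> bool:
    return "*" in allowed or value in allowed


def permissions_for(rules: List[Rule], path: str, user: str,
                    group: str, program: str) -> str:
    """Return the permission string of the first matching rule.

    The path glob is matched against the object being accessed *now*, so
    a file created after the list was written is governed by the same
    rules: that is what makes the scheme prospective.  No match means
    no access.
    """
    for rule in rules:
        if (fnmatchcase(path, rule.path)
                and _field_matches(rule.users, user)
                and _field_matches(rule.groups, group)
                and _field_matches(rule.programs, program)):
            return rule.perms
    return ""


def is_allowed(rules: List[Rule], path: str, user: str, group: str,
               program: str, op: str) -> bool:
    """True if the single permission letter `op` is granted."""
    return op in permissions_for(rules, path, user, group, program)


if __name__ == "__main__":
    rs = parse_rules(SAMPLE_ACCESS_LIST, "/home/cb")
    # A file that did not exist when the list was written is still covered.
    print(permissions_for(rs, "/home/cb/projects/foo/new.c", "alice", "foo", "/bin/cat"))
    # The earlier "private" rule wins over the later group grant (footgun!).
    print(repr(permissions_for(rs, "/home/cb/projects/foo/private/x", "alice", "foo", "/bin/cat")))
```

The last call in the `__main__` block is the footgun Tom Lane alludes to: because rules are ordered and evaluated against whatever path exists at check time, creating a `private` subdirectory under the foo project silently removes the group's access to everything inside it, and nobody is told when the directory is created. Auditing such a list means evaluating it against the objects that exist now, not reading the rules in isolation.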