On Mon, Sep 28, 2009 at 10:44 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: > Robert Haas <robertmh...@gmail.com> writes: >> I haven't read the patch, but it seems like one possible solution to >> this problem would be to declare that any any DEFAULT PRIVILEGES you >> set are cumulative. If you configure a global default, a per-schema >> default, a default for tables whose names begin with the letter q, and >> a default for tables created between midnight and 4am, then a table >> called quux created in that schema at 2:30 in the morning will get the >> union of all four sets of privileges. > > Hmm ... interesting proposal. Simple to understand and simple to > implement, which are both to the good. I'm not clear though on whether > this behavior would be useful in practice. Any comments from those > who've been asking for default ACLs? > > One potential trouble spot is that presumably the built-in default > privileges (eg, PUBLIC EXECUTE for functions) would *not* cumulate > with user-specified defaults.
Why not? ...Robert -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers