Dimitri Fontaine <dimi...@2ndquadrant.fr> writes: > Tom Lane <t...@sss.pgh.pa.us> writes: >> We'll add a new boolean parameter to extension control files, called say >> "dba_create" (ideas for better names welcome). If it's missing or set >> to false, there's no change in behavior. When it's true, then >> >> (a) you must be superuser or owner of the current database to create the >> extension; >> >> (b) the commands within the extension's script will be run as though by a >> superuser, even if you aren't one.
> That's called sudo on linux. I propose that we stick to such a name. I'm not impressed with that name: it will mean nothing to Windows users, nor for that matter to many non-sysadmin types on Unix. > Do we want a more general SUDO facility in PostgreSQL? It would be, I > guess, about the same thing as SET ROLE postgres; Yeah, I think SET ROLE already covers that territory. The point of the current proposal is to grant a very limited subset of superuser privileges --- specifically, the right to install specific extensions --- to database owners. Maybe it'd make sense to eliminate the tie to database ownership and instead consider that you're allowed to do this if you're a member of some predefined role, which then would typically be GRANTed to database owners or other semi-trustworthy people. But we don't currently have any predefined group roles like that, so it'd be a rather large departure from past practice. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers