Tom Lane <t...@sss.pgh.pa.us> writes:
>> That's called sudo on linux.  I propose that we stick to such a name.
>
> I'm not impressed with that name: it will mean nothing to Windows users,
> nor for that matter to many non-sysadmin types on Unix.

Fair enough.

>> Do we want a more general SUDO facility in PostgreSQL?  It would be, I
>> guess, about the same thing as SET ROLE postgres;
>
> Yeah, I think SET ROLE already covers that territory.

Yes, except for the need of CREATE EXTENSION where you would want to
delegate the power to database owner without granting them superuser at
will.  So I agree with your statement that we need something more than
what we already have here, even if under the hood it will probably end
up using existing mechanisms.

> The point of the current proposal is to grant a very limited subset of
> superuser privileges --- specifically, the right to install specific
> extensions --- to database owners.  Maybe it'd make sense to eliminate
> the tie to database ownership and instead consider that you're allowed
> to do this if you're a member of some predefined role, which then would
> typically be GRANTed to database owners or other semi-trustworthy people.
> But we don't currently have any predefined group roles like that, so
> it'd be a rather large departure from past practice.

I think we have something like that, in fact, with the replication
privilege.  We could have an "extension" privilege that defaults to
being granted to database owners, and that would behave like SET ROLE
superuser; when issuing extension related features.

Regards,
-- 
Dimitri Fontaine
http://2ndQuadrant.fr     PostgreSQL : Expertise, Formation et Support

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
