On 07/12/2012 02:53 PM, Tom Lane wrote: > Peter Eisentraut <pete...@gmx.net> writes: >> As long as we're spending time on this, I'd propose getting rid of >> lanplistrusted, at least for access checking. Instead, just don't >> install USAGE privileges by default for those languages. > > There's definitely something to that idea --- certainly lanpltrusted > dates from before we had a robust object-permissions system, and looks > like a bit of a wart now that we do have one. > > I guess we could redefine the default privileges for languages as "none" > and then have the TRUSTED keyword mean to install public usage > privilege. Or maybe it would be safer for upgrade purposes if we kept > the default interpretation as-is and did an automatic REVOKE when > TRUSTED wasn't specified.
+1 I'll take a look at the latter option sometime in the next few weeks and submit for the next commitfest. Is it still worth backpatching a change to has_language_privilege as a bug fix? Joe -- Joe Conway credativ LLC: http://www.credativ.us Linux, PostgreSQL, and general Open Source Training, Service, Consulting, & 24x7 Support -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers