Robert Haas <robertmh...@gmail.com> wrote: > I think it would help, on all accounts, to explain why in the world > we're spending time on this in the first place. I have a sneaking > suspicion this is 1 of N things we need to do to meet some US > government security standard, and if something like that is the case, > that could tip the balance toward doing it, or toward a particular > implementation of the concept.
Stephen my correct me on this, but I seem to remember him saying that this was part of a general effort to avoid needing to use a superuser login for routine tasks that don't fit into the area of what a sysadmin would do. That seems like a laudable goal to me. Of course, most or all of what this particular feature would allow can be done using superuser-owned SECURITY DEFINER functions, but that is sure a lot clumsier and error-prone than being able to say that role x can read from directory data/input and role y can write to directory data/output. That said, Stephen does seem to have some additional specific use cases in mind which he hasn't shared with the list; knowing what problems we're talking about solving would sure help make discussions about the possible solutions more productive. :-) -- Kevin Grittner EDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers