* Peter Eisentraut (pete...@gmx.net) wrote:
> On 3/3/15 5:58 PM, Tom Lane wrote:
> > One aspect of this that merits some thought is that in some cases
> > access to some set of functions is best granted as a unit.  That's
> > easy with role properties but much less so with plain GRANT.
> > Do we have enough such cases to make it an issue?
> 
> You could have built-in roles, such as "backup" and ship the system with
> the "backup" role having permissions on some functions.  And then users
> are granted those roles.  Similar to how some Linux systems ship with
> groups such as "adm".

One thought I had for this was a contrib module which added an extension
to create and grant those roles.  That approach would mean that we don't
need to worry about upgrade-path problems which we could get into if we
declared new roles like 'backup' which users might already have.

An alternative approach which might be better, now that I think about
it, would be to declare that the 'pg_' prefix applies to roles too and
then have a 'pg_backup' role which is granted the correct permissions.
Personally, I like that idea a lot.

We could then have pg_upgrade throw an error and pg_dump a warning (or
something along those lines) if they find any existing roles with that
prefix.

        Thanks!

                Stephen
