On Tue, Mar 14, 2017 at 2:56 PM, Petr Jelinek <petr.jeli...@2ndquadrant.com> wrote:
> Note that I am not necessarily saying it's better though, just trying to
> explain. It definitely has drawbacks, as in order to grant publish on
> one table you might be granting lots of privileges on various objects by
> granting the role. So for granularity purposes Peter's PUBLISH privilege
> for tables sounds better to me.
I get that. If, without the patch, letting user X do operation Y will
require either giving user X membership in a role that has many
privileges, and with the patch, will require only granting a specific
privilege on a specific object, then the latter is obviously far better
from a security point of view. However, what I'm not clear about is
whether this is a situation that's likely to come up much in practice.
I would have thought that publications and subscriptions would typically
be configured by roles with quite high levels of privilege anyway, in
which case the separate PUBLISH privilege would rarely be used in
practice, and might therefore fail to be worth using up a bit. I might
be missing a plausible scenario in which that's not the case, though.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company