On 2/22/17 2:51 AM, Pavel Stehule wrote:
The solution based on rights is elegant, but in this moment I cannot to
see all possible impacts on performance - because it means new check for
any call of any function. Maybe checking call stack can be good enough -
I have not idea how often use case it
On Wed, Feb 22, 2017 at 2:18 PM, Tom Lane wrote:
> I think this is really *not* a good idea. The entire permissions model
> is built around granting permissions to roles, by other roles.
My bad. I shouldn't have proposed the idea on how to achieve/implement the idea.
I should instead just have
Joel Jacobson writes:
> Currently, it's only possible to grant/revoke execute on functions to roles.
> I think it would be useful in many situations, both for documentation
> purposes,
> but also for increased security, to in a precise way control what
> other function(s) are allowed to execute
2017-02-22 9:20 GMT+01:00 Joel Jacobson :
> On Wed, Feb 22, 2017 at 9:07 AM, Pavel Stehule
> wrote:
> > Usage of X functions can be locked in schema.
>
> I think that's also a good idea. Both are useful I think. They solve
> two different use-cases.
>
> If there are multiple callers of a private
On Wed, Feb 22, 2017 at 9:07 AM, Pavel Stehule wrote:
> Usage of X functions can be locked in schema.
I think that's also a good idea. Both are useful I think. They solve
two different use-cases.
If there are multiple callers of a private function within a schema,
it would be useful if you could
2017-02-22 8:06 GMT+01:00 Joel Jacobson :
> Hi Hackers,
>
> Currently, it's only possible to grant/revoke execute on functions to
> roles.
>
> I think it would be useful in many situations, both for documentation
> purposes,
> but also for increased security, to in a precise way control what
> oth
Hi Hackers,
Currently, it's only possible to grant/revoke execute on functions to roles.
I think it would be useful in many situations, both for documentation purposes,
but also for increased security, to in a precise way control what
other function(s)
are allowed to execute a specific function.
Christopher Kings-Lynne wrote:
> Hi,
>
> Should someone just go though contrib/ and add GRANT EXECUTE on everything?
> Seems pointless doing it ad hoc by the maintainer as it is at the moment...?
Added to open item list:
Add GRANT EXECUTE to all /contrib functions
--
Bruce Momjian
Christopher Kings-Lynne writes:
> Should someone just go though contrib/ and add GRANT EXECUTE on everything?
> Seems pointless doing it ad hoc by the maintainer as it is at the moment...?
Please.
--
Peter Eisentraut [EMAIL PROTECTED]
---(end of broadcast)--
Hi,
Should someone just go though contrib/ and add GRANT EXECUTE on everything?
Seems pointless doing it ad hoc by the maintainer as it is at the moment...?
Chris
---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PRO
10 matches
Mail list logo
