Christopher Browne writes:
> Actually, this is somewhat more like UNIX setuid (2).
>
> When I first started using SECURITY DEFINER functions, I thought of it
> as being "like sudo." But it's really "like setuid".
I see SECURITY DEFINER functions definitely as setuid for PostgreSQL,
but I was thi
Tom Lane writes:
>> That's called sudo on linux. I propose that we stick to such a name.
>
> I'm not impressed with that name: it will mean nothing to Windows users,
> nor for that matter to many non-sysadmin types on Unix.
Fair enough.
>> Do we want a more general SUDO facility in PostgreSQL?
On Tue, Aug 23, 2011 at 3:09 PM, Dimitri Fontaine
wrote:
> Tom Lane writes:
>> We'll add a new boolean parameter to extension control files, called say
>> "dba_create" (ideas for better names welcome). If it's missing or set
>> to false, there's no change in behavior. When it's true, then
>>
>>
Dimitri Fontaine writes:
> Tom Lane writes:
>> We'll add a new boolean parameter to extension control files, called say
>> "dba_create" (ideas for better names welcome). If it's missing or set
>> to false, there's no change in behavior. When it's true, then
>>
>> (a) you must be superuser or o
Tom Lane writes:
> We'll add a new boolean parameter to extension control files, called say
> "dba_create" (ideas for better names welcome). If it's missing or set
> to false, there's no change in behavior. When it's true, then
>
> (a) you must be superuser or owner of the current database to cr
"David E. Wheeler" writes:
> On Aug 23, 2011, at 8:31 AM, Tom Lane wrote:
>> Having done that, we'd mark all the standard "trusted" PLs as dba_create,
>> expand the existing definition scripts for the PL extensions so that they
>> fully specify the languages and their support functions (transferri
On Aug 23, 2011, at 8:31 AM, Tom Lane wrote:
> One of my goals for the extensions feature has been that we should be able
> to get rid of the pg_pltemplate system catalog, moving all the information
> therein into languages' extension definition files. This would allow
> third-party procedural la
One of my goals for the extensions feature has been that we should be able
to get rid of the pg_pltemplate system catalog, moving all the information
therein into languages' extension definition files. This would allow
third-party procedural languages to be installed as easily as built-in
ones. W