Andrew Dunstan <andrew@dunslane.net> writes:
> David Fetter wrote:
>> There have been previous discussions of prospective permissions
>> changes. Are we restarting them here?
> It's not on the TODO list. I recall it being raised from time to time
> but I certainly don't recall a consensus that it should be done, nor
> how, so if you're implying that such a thing is a settled decision I
> suspect you're not entirely correct. Of course, my memory has been known
> to have errors ...
I think there's widespread agreement that SQL permissions are a pain in
the neck to manage. We haven't got a consensus on a solution to that,
but looking at possibilities is certainly reasonable.
Jeff's idea does amount to granting prospective permissions in one
sense. If you (in the future) grant some permissions to role foo,
then role foo_ro would automatically get some of those permissions too.
I think it has to be looked at in comparison to more general
prospective-permissions schemes; it clearly doesn't do everything you
could wish for in that line, and so we have to ask whether there'd be
much use-case left for it if we do implement something more general.
It also seems to me that a lot of the potential objections are shared
with more general schemes --- in particular, "ooops, I forgot this was
in place and indirectly granted some permissions I shouldn't have"...
regards, tom lane