Neil,
> Perhaps a compromise would be to enable pl/pgsql by default, but not
> grant the USAGE privilege on it. This would allow superusers to define
> pl/pgsql functions without taking any additional steps. Non-superusers
> could be given access to pl/pgsql via a simple GRANT -- either for all
> users via GRANT TO PUBLIC, or on a more granular basis as desired. This
> would lower the barrier to using pl/pgsql by a fairly significant
> margin, but not cause any additional security exposure that I can see.
Would this support PL/pgSQL based admin functions, though?
--
Josh Berkus
Aglio Database Solutions
San Francisco