Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers)

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers)
Дата
Msg-id 216038.1627333077@sss.pgh.pa.us
обсуждение исходный текст
Ответ на Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers)  (Tom Lane <tgl@sss.pgh.pa.us>)
Ответы Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers)
Список pgsql-hackers
Дерево обсуждения 
I wrote:
> Possibly this could be generalized to "fire on commands performed by
> any role the trigger owner is a member of", but then I'm a bit less
> sure that it's safe from both roles' perspectives.

After further thought, I can't poke a hole in that concept.
We'd keep the rule that the trigger executes as the calling user.
Therefore, the trigger cannot perform any action that the calling
user couldn't do if she chose.  Conversely, since the trigger
owner could become a member of that role and then do whatever the
trigger intends to do, this scheme does not give the trigger owner
any new abilities either.  All we've done is provide what some
programming languages call an observer or annotation.

I also like the fact that with this rule, superusers' ability to
create event triggers that fire for everything is not a special case.

            regards, tom lane

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Stephen Frost
Дата:
Сообщение: Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers)
Следующее
От: Tom Lane
Дата:
Сообщение: Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers)