Tom Lane wrote:
>Andreas Pflug <pgadmin@pse-consulting.de> writes:
>
>
>>IMHO checking objects in a tablespace is a routine administrative task,
>>so it should be supported natively by the server without need of
>>contribs.
>>
>>
>
>I strongly disagree. Dropping a tablespace is not a routine activity,
>
>
Dropping certainly not. But inspecting? If implemented in a gui, it's
just a click away.
>
>As for the authentication-is-expensive issue, what of it? You *should*
>have to authenticate yourself in order to look inside another person's
>database. The sort of cross-database inspection being proposed here
>would be a big security hole in many people's view.
>
>
Accessing pg_class et al using the current sysuseid with acl checking
should be ok and satisfy security demands, no? Since it's the same
cluster, we can be sure that it 's the same user in that cross db too.
If the user has no access, the result won't have a meaning either.
The auth-is-expensive issue is about creating the db connection itself
again and again, when we only want to change a database.
>>And for win user acceptance, a command line tool won't be
>>sufficient either.
>>
>>
>
>This does not deserve a response.
>
>
Well, that's not quite appropriate. A 'command line is enough for server
maintenance' attitude won't attract win people; they're blind without a
mouse.
Regards,
Andreas