On Thu, Jan 9, 2020 at 3:18 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
> * ISTM that that's assuming that the DBA and the sysadmin are the same
> person (or at least hold identical views on this subject). In many
> installations it'd only be root who has control over what's in that
> directory, and I don't think it's unreasonable for the DBA to wish
> to be able to exercise additional filtering.
An emphatic +1 from me. This is what I've been trying to argue over
and over, apparently rather unclearly.
> * The point of a default role would be for the DBA to be able to
> control which database users can install extensions. Even if the
> DBA has full authority over the extension library, that would not
> provide control over who can install, only over what is available
> for any of them to install.
I agree with that, too. I guess you could decide that the answer to
the question "who can install extensions?" must be the same as the
answer to the question "who owns a database?" but having the
flexibility to make the answers to those questions different seems
better than forcing them to always be the same.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company