Re: pgsql: Restrict accesses to non-system views and foreign tables during

On Mon, Aug 26, 2024 at 7:14 AM Peter Eisentraut <peter@eisentraut.org> wrote:
>
> On 05.08.24 15:07, Masahiko Sawada wrote:
> > To address this, pg_dump now utilizes the newly introduced
> > restrict_nonsystem_relation_kind GUC parameter to restrict the
> > accesses to non-system views and foreign tables during the dump
> > process. This new GUC parameter is added to back branches too, but
> > these changes do not require cluster recreation.
>
> This documentation of this new parameter is a bit hard to understand.
> The description in guc_tables.c is
>
> "Sets relation kinds of non-system relation to restrict use"
>
> which is hard to understand even knowing what this setting is supposed
> to do.
>
> In config.sgml it says
>
> +   This variable specifies relation kind to which access is restricted.
> +   It contains a comma-separated list of relation kind.  Currently, the
> +   supported relation kinds are <literal>view</literal> and
> +   <literal>foreign-table</literal>.
>
> This does not mention "system" or "non-system" at all.
>
> Also, the phrase "to which access is restricted" can be interpreted in
> two opposite ways:
>
> - access to those relations is prohibited
> - access is limited to those relations
>
> Also nothing anywhere clarifies what "restricted" means here, and the
> term introduces unnecessary ambiguity.
>
> Can we come up with some more precise and easier-to-understand language?
>

Maybe using the word "prohibit" makes it a bit clear? For example,

In guc_tables.c:
Prohibits access to non-system relations of specified kinds

In doc:
Set relation kinds of non-system relations to which access is
prohibited. It takes a comma-separated list of relation kinds.
Currently, the supported relation kinds are view and foreign-table.

Regards,

--
Masahiko Sawada
Amazon Web Services: https://aws.amazon.com