Re: database specific pg_read_all_data / pg_write_all_data

Поиск
Список
Период
Сортировка
От Ron Johnson
Тема Re: database specific pg_read_all_data / pg_write_all_data
Дата
Msg-id CANzqJaA8JTM1V_+9ACXGWjbCYYu_hio5EA-=2ne_7jmmhw31FQ@mail.gmail.com
обсуждение исходный текст
Ответ на database specific pg_read_all_data / pg_write_all_data  (richard coleman <rcoleman.ascentgl@gmail.com>)
Ответы Re: database specific pg_read_all_data / pg_write_all_data
Список pgsql-admin
Дерево обсуждения
On Tue, Dec 9, 2025 at 4:13 PM richard coleman <rcoleman.ascentgl@gmail.com> wrote:
In PostgreSQL 16+ the built in roles such as pg_read_all_data and pg_write_all_data are a welcome addition to permission setting in PostgreSQL.

Unfortunately they appear to be server-wide roles.

Woud it be possible to have roles like these that are database specific?

If there are 100 databases on a server, it would be extremely helpful to be able to do something like:

grant pg_read_all_data on database foo to user_role;

Otherwise these roles are unusable from a practical stand point on servers with multiple unrelated databases.

How about 
ALTER DEFAULT PRIVILEGES IN SCHEMA foo1, foo2, foo3, ... GRANT SELECT ON ALL TABLE TO bar;

--
Death to <Redacted>, and butter sauce.
Don't boil me, I'm still alive.
<Redacted> lobster!

В списке pgsql-admin по дате отправления:

Чтобы сделать работу с сайтом удобнее, мы используем cookie и аналитический сервис «Яндекс.Метрика». Продолжая пользоваться сайтом, вы соглашаетесь с их использованием.