Re: Granting SET and ALTER SYSTE privileges for GUCs

On 11/16/21 17:12, Tom Lane wrote:
>
>>> To support pg_dump and pg_upgrade, it might be better to have an
>>> enabled/disabled flag rather than to delete rows.
>> I'm not really sure what this means.
> I didn't see the point of this either.  We really need to KISS here.
> Every bit of added complexity in the catalog representation is another
> opportunity for bugs-of-omission, not to mention a detail that you
> have to provide mechanisms to dump and restore.
>
>             


Well, I was trying (perhaps not very well) to imagine how to deal with
someone modifying the permissions of one of the predefined roles. Say
pg_foo has initial permission to set bar and baz, and the DBA removes
permission to set baz. How is pg_dump going to emit the right commands
to allow a safe pg_upgrade? Maybe we should say that the permissions for
the predefined roles are immutable, so only permissions sets for user
defined roles are mutable.


cheers


andrew

-- 

Andrew Dunstan
EDB: https://www.enterprisedb.com