Re: Additional role attributes && superuser review

Stephen Frost wrote:
> * Robert Haas (robertmhaas@gmail.com) wrote:

> > > I can think of a use-case for a user who can call pg_switch_xlog, but
> > > not pg_start_backup()/pg_stop_backup(), but I have to admit that it
> > > seems rather limited and I'm on the fence about it being a worthwhile
> > > distinction.
> > 
> > Sounds too narrow to me.  Are we going to have a separate predefined
> > role for every security-restricted function to which someone might
> > want to grant access?  That seems over the top to me.
> 
> I certainly don't want to go down to that level and was, as seen above,
> unsure about having pg_switch_xlog() as a differentiated privilege.
> Michael, do you still see that as a useful independent capability?

Hmm, Robert's argument seems reasonable -- we can continue to offer
access to individual elements by granting execute on a security-definer
function owned by predefined user pg_backup.

-- 
Álvaro Herrera                http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services