Re: [PATCH] DefaultACLs

Stephen Frost napsal(a): <blockquote cite="mid:20090929034709.GM17756@tamriel.snowman.net" type="cite"><pre wrap="">*
RobertHaas (<a class="moz-txt-link-abbreviated" href="mailto:robertmhaas@gmail.com">robertmhaas@gmail.com</a>) wrote:
</pre><blockquotetype="cite"><blockquote type="cite"><pre wrap="">One potential trouble spot is that presumably the
built-indefault
 
privileges (eg, PUBLIC EXECUTE for functions) would *not* cumulate
with user-specified defaults.     </pre></blockquote><pre wrap="">Why not?   </pre></blockquote><pre wrap="">
How would you have a default that says "I *don't* want public execute on
my new functions"? </pre></blockquote><br /> This is actually problem that applies to whole Robert's proposal. How
wouldyou define you don\t want insert on new tables in schema when you granted it for whole database. I don't think any
kindof mixing of different default privileges is a good idea. I was thinking about rejecting creation of conflicting
defaultprivileges but that would be impossible to detect before object creation which is too late.<br /><br /><pre
class="moz-signature"cols="72">-- 
 
Regards
Petr Jelinek (PJMODOS)</pre>