On 02/29/2016 08:52 PM, Tom Lane wrote:
> Stephen Frost <sfrost@snowman.net> writes:
>> As it turns out, there isn't such an issue as the default for functions
>> is to allow PUBLIC to EXECUTE and therefore we don't dump out ACLs for
>> most functions. The follow-on change to this patch is to modify those
>> functions to *not* have the default/NULL ACL (and also drop the explicit
>> if (!superuser()) ereport() checks in those functions), which will work
>> just fine and won't be overwritten during pg_upgrade because those
>> functions currently just have the default ACL, which we don't dump out.
>
> Yes, so it would probably manage to not fail during 9.6 -> 9.7 migration.
> But you *won't ever again* get to change the default ACLs on those
> functions. That does not seem like a great bet from here.
Would it be a terrible idea to add some attribute to ACLs which can be
used to indicate they should not be dumped (and supporting syntax)?
--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development