Re: [WIP] CREATE SUBSCRIPTION with FOR TABLES clause (table filter)

On Mon, Mar 4, 2019 at 1:55 AM Michael Paquier <michael@paquier.xyz> wrote:
> -   To create a subscription, the user must be a superuser.
> +   To add tables to a subscription, the user must have ownership rights on the
> +   table.
> [...]
> +   /* must have CREATE privilege on database */
> +   aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
> +   if (aclresult != ACLCHECK_OK)
> +       aclcheck_error(aclresult, OBJECT_DATABASE,
> +                      get_database_name(MyDatabaseId));
> So this means that we degrade subscription creation requirement from
> being a superuser to someone having CREATE rights on a given
> database?

I find that entirely unacceptable, for reasons which I also talked
about on the other thread where this was discussed:

https://www.postgresql.org/message-id/CA+TgmoahEoM2zZO71yv4883HFarXcBcOs3if6fEdRcRs8Fs=zA@mail.gmail.com

Letting unprivileged users initiate outbound network traffic and
more-or-less permanent background processes seems like a terrible
idea.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company