Re: Index build temp files
| От | Simon Riggs |
|---|---|
| Тема | Re: Index build temp files |
| Дата | |
| Msg-id | CA+U5nMK7cJ78ker5niKJx=3B+gLZpvNV0TQvk-YHvYVeKcUmfA@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Index build temp files (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Index build temp files
|
| Список | pgsql-hackers |
On 9 January 2013 21:42, Tom Lane <tgl@sss.pgh.pa.us> wrote: > Simon Riggs <simon@2ndQuadrant.com> writes: >> On 9 January 2013 21:21, Tom Lane <tgl@sss.pgh.pa.us> wrote: >>> This sounds like rather a lot of work to create a behavior that doesn't >>> solve the originally-complained-of usability problem. All it does is >>> make things even more complicated, and add an extra step for the DBA >>> who's just trying to set temp_tablespaces to something useful. > >> There is already an extra step to GRANT the CREATE privilege, so how >> does this change things? > > The point is that it didn't occur to Stephen that putting > temp_tablespaces = 'foo, bar' into postgresql.conf should require > doing GRANT CREATE TO PUBLIC on those tablespaces in order to be > effective. Changing the situation so that instead he needs to do > GRANT TEMP TO PUBLIC does not make it one whit more usable. > > All that that will really accomplish is to break grant methods that are > working in (other people's) existing installations; ie if someone has > code that does know about the GRANT CREATE requirement, he will not > thank us if he suddenly has to spell it GRANT TEMP in the next release. > > If we were designing this from scratch I'd agree that a separate TEMP > privilege would be a good thing. But bolting one on now is likely > to create more problems than it fixes. Particularly since it doesn't > actually fix any of the concrete problems enumerated in this thread. > > I continue to think that getting rid of the privilege check would be > a more useful answer than changing which privilege is tested. I wasn't suggesting that we test for TEMP instead of CREATE; what I meant was we would test for CREATE *OR* TEMP to give more options for management. Since CREATE is a powerful privilege, secure systems would not wish to grant that to everyone, which is what I think caused the issue, coupled with the inability to know whether temp_tablespaces is set to something you have privileges on. Your suggestion to make TEMP the default would be a useful way to handle this, but its still the opposite of how things work now. Granting CREATE by default on tablespaces is not a great plan. -- Simon Riggs http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, Training & Services
В списке pgsql-hackers по дате отправления: