Re: Additional role attributes && superuser review
| От | Simon Riggs |
|---|---|
| Тема | Re: Additional role attributes && superuser review |
| Дата | |
| Msg-id | CA+U5nMLdQRRHOdotxcg-nN_yLqs6QsxzEt1+YUC8jxeHc+jvGw@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Additional role attributes && superuser review (Stephen Frost <sfrost@snowman.net>) |
| Ответы |
Re: Additional role attributes && superuser review
|
| Список | pgsql-hackers |
On 3 November 2014 at 17:08, Stephen Frost <sfrost@snowman.net> wrote: > role attributes don't act like > GRANTs anyway (there's no ADMIN option and they aren't inheirited). I'm happy with us *not* doing this using GRANTs, as long as we spend some love on the docs to show there is a very clear distinction between the two. Users get confused between privs, role attributes and SETs that apply to roles. Introducing the new word "capability" needs to also have some clarity. Is that the same thing as "role attribute", or is that a 4th kind of thang? Make things make sense and they're easy to agree. -- Simon Riggs http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, RemoteDBA, Training & Services
В списке pgsql-hackers по дате отправления: