On Wed, Nov 29, 2017 at 7:42 PM, Stephen Frost <sfr...@snowman.net> wrote: > Ashutosh, > > * Ashutosh Bapat (ashutosh.ba...@enterprisedb.com) wrote: >> On Wed, Nov 29, 2017 at 4:56 AM, Stephen Frost <sfr...@snowman.net> wrote: >> > The "global rethink" being contemplated seems to be more about >> > authentication forwarding than it is about this specific change. If >> > there's some 'global rethink' which is actually applicable to this >> > specific deviation from the usual "use the view's owner for privilege >> > checks", then it's unclear to me what that is. >> >> Global rethink may constitute other authentication methods like >> certificate based authentication. But I am not clear about global >> rethink in the context of owner privileges problem being discussed >> here. > > Right, I'm all for an independent discussion about how we can have > same-cluster or cross-cluster trust relationships set up to make it > easier for users in one cluster/database to access tables in another > that they should be allowed to, but that's a different topic from this. > > In other words, I think we're agreeing here. :)
Yes. -- Best Wishes, Ashutosh Bapat EnterpriseDB Corporation The Postgres Database Company
