On Wed, 2023-03-22 at 12:16 -0400, Robert Haas wrote: > If nobody's too unhappy with the idea, I plan to commit this soon, > both because I think that the feature is useful, and also because I > think it's an important security improvement.
Is there any chance I can convince you to separate the privileges of using a connection string and creating a subscription, as I suggested[1] earlier? It would be useful for dblink, and I also plan to propose CREATE SUBSCRIPTION ... SERVER for v17 (it was too late for 16), for which it would also be useful to make the distinction. You seemed to generally think it was a reasonable idea, but wanted to wait for the other patch. I think it's the right breakdown of privileges even now, and I don't see a reason to give ourselves a headache later trying to split up the privileges later. Regards, Jeff Davis [1] https://www.postgresql.org/message-id/fa1190c117c2455f2dd968a1a09f796ccef27b29.ca...@j-davis.com