Robert Haas <robertmh...@gmail.com> writes:
> I'd be really interested to hear if anyone knows the history behind
> allowing CLUSTER, REINDEX, VACUUM, and some operations on temp tables.
> It seems to have been that way for a long time. I wonder if it was a
> deliberate choice or something that just happened semi-accidentally.
Within a "read-only" xact you mean? I believe that allowing DML writes
was intentional. As for the utility commands, I suspect that it was in
part accidental (error of omission?), and then if anyone thought hard
about it they decided that allowing DML writes to temp tables justifies
those operations too.
Have you tried excavating in our git history to see when the relevant
permission tests originated?
regards, tom lane
