On Thu, Jan 9, 2020 at 3:18 PM Tom Lane <t...@sss.pgh.pa.us> wrote: > * ISTM that that's assuming that the DBA and the sysadmin are the same > person (or at least hold identical views on this subject). In many > installations it'd only be root who has control over what's in that > directory, and I don't think it's unreasonable for the DBA to wish > to be able to exercise additional filtering.
An emphatic +1 from me. This is what I've been trying to argue over and over, apparently rather unclearly. > * The point of a default role would be for the DBA to be able to > control which database users can install extensions. Even if the > DBA has full authority over the extension library, that would not > provide control over who can install, only over what is available > for any of them to install. I agree with that, too. I guess you could decide that the answer to the question "who can install extensions?" must be the same as the answer to the question "who owns a database?" but having the flexibility to make the answers to those questions different seems better than forcing them to always be the same. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
