On 3 November 2014 at 17:08, Stephen Frost <sfr...@snowman.net> wrote:
> role attributes don't act like > GRANTs anyway (there's no ADMIN option and they aren't inheirited). I'm happy with us *not* doing this using GRANTs, as long as we spend some love on the docs to show there is a very clear distinction between the two. Users get confused between privs, role attributes and SETs that apply to roles. Introducing the new word "capability" needs to also have some clarity. Is that the same thing as "role attribute", or is that a 4th kind of thang? Make things make sense and they're easy to agree. -- Simon Riggs http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, RemoteDBA, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
