* Joe Conway (m...@joeconway.com) wrote: > On 02/09/2016 01:22 PM, Tom Lane wrote: > > Maybe we need to restrict that somehow, or maybe some better solution > > exists that we've not thought of yet. But in its current state, RLS > > is at least as much a security hazard as it is a security aid. > > I do not want to see it extended in ways that make pg_dump unsafe to > > use. > > Ok, I can see that. Maybe we should have a specific GRANT for CREATE > POLICY which is distinct from the privilege to CREATE TABLE?
Well, the only privilege we have now is "CREATE", which allows creation of any kind of object inside a schema. I'm generally in favor of providing more granluar 'create table', 'create view', etc privileges that can be granted out at the schema level, and 'create policy' would be appropriate to include in such a set of object-creation permissions. I don't have any particularly genius ideas about where we'd get the bits to implement such a grant system though. We could modify the existing grant system to use larger bits, but given that this would only be applicable for schemas, perhaps it'd make sense to have another field in pg_namespace instead? Not sure, just brainstorming here. Thanks! Stephen
signature.asc
Description: Digital signature
