Neil, > Perhaps a compromise would be to enable pl/pgsql by default, but not > grant the USAGE privilege on it. This would allow superusers to define > pl/pgsql functions without taking any additional steps. Non-superusers > could be given access to pl/pgsql via a simple GRANT -- either for all > users via GRANT TO PUBLIC, or on a more granular basis as desired. This > would lower the barrier to using pl/pgsql by a fairly significant > margin, but not cause any additional security exposure that I can see.
Would this support PL/pgSQL based admin functions, though? -- Josh Berkus Aglio Database Solutions San Francisco ---------------------------(end of broadcast)--------------------------- TIP 5: don't forget to increase your free space map settings
