Alvaro Herrera writes:
> On 2022-Dec-01, Noah Misch wrote:
>> This is free from the problem found in ddl-create-public-reorg-really.patch.
>> However, the word "other" doesn't belong there. (The per-user schemas should
>> not have public CREATE privilege.) I would also move that same sentence up
On 2022-Dec-01, Noah Misch wrote:
> This is free from the problem found in ddl-create-public-reorg-really.patch.
> However, the word "other" doesn't belong there. (The per-user schemas should
> not have public CREATE privilege.) I would also move that same sentence up
> front, like this:
>
>
On Wed, Nov 30, 2022 at 05:35:01PM -0500, Tom Lane wrote:
> Also, I'd like to structure things so that the first para covers what
> you need to know in a clean v15+ installation, and details that only
> apply in upgrade scenarios are in the second para. The upgrade scenario
> is going to be intere
On Wed, Nov 30, 2022 at 5:35 PM Tom Lane wrote:
> Also, I'd like to structure things so that the first para covers what
> you need to know in a clean v15+ installation, and details that only
> apply in upgrade scenarios are in the second para. The upgrade scenario
> is going to be interesting to
On Wed, Nov 30, 2022 at 3:35 PM Tom Lane wrote:
>
> BTW, is "create a schema with the same name" sufficient detail?
> You have to either make it owned by that user, or explicitly
> grant CREATE permission on it. I'm not sure if that detail
> belongs here, but it feels like maybe it does.
>
>
I'd
On Wed, 30 Nov 2022 at 17:35, Tom Lane wrote:
BTW, is "create a schema with the same name" sufficient detail?
> You have to either make it owned by that user, or explicitly
> grant CREATE permission on it. I'm not sure if that detail
> belongs here, but it feels like maybe it does.
It might be
Robert Haas writes:
> On Wed, Nov 30, 2022 at 10:01 AM Noah Misch wrote:
>> Could remove the paragraph about v14. Could have that paragraph say
>> explicitly that the REVOKE is a no-op. Would either of those be an
>> improvement?
> Well, I thought what I proposed was a nice improvement, but I
On Wed, Nov 30, 2022 at 10:01 AM Noah Misch wrote:
> On Wed, Nov 30, 2022 at 08:39:23AM -0500, Robert Haas wrote:
> > On Wed, Nov 30, 2022 at 2:07 AM Noah Misch wrote:
> > > In general, the documentation should prefer simpler decision trees.
> >
> > True, but I found the current text confusing, w
On Wed, Nov 30, 2022 at 08:39:23AM -0500, Robert Haas wrote:
> On Wed, Nov 30, 2022 at 2:07 AM Noah Misch wrote:
> > In general, the documentation should prefer simpler decision trees.
>
> True, but I found the current text confusing, which is also something
> to consider.
Could remove the parag
On Wed, Nov 30, 2022 at 2:07 AM Noah Misch wrote:
> In general, the documentation should prefer simpler decision trees.
True, but I found the current text confusing, which is also something
to consider.
--
Robert Haas
EDB: http://www.enterprisedb.com
On Tue, Nov 29, 2022 at 02:22:59PM -0500, Robert Haas wrote:
> On Fri, Sep 10, 2021 at 2:39 AM Noah Misch wrote:
> > Revoke PUBLIC CREATE from public schema, now owned by pg_database_owner.
> >
> > This switches the default ACL to what the documentation has recommended
> > since CVE-2018-1058. Up
On Tue, Nov 29, 2022 at 2:32 PM Justin Pryzby wrote:
> On Tue, Nov 29, 2022 at 02:22:59PM -0500, Robert Haas wrote:
> > Here's a proposed patch to do that.
>
> If I'm not wrong, you message includes a diffstat but without the patch
> itself.
D'oh.
--
Robert Haas
EDB: http://www.enterprisedb.com
On Tue, Nov 29, 2022 at 02:22:59PM -0500, Robert Haas wrote:
> Here's a proposed patch to do that.
If I'm not wrong, you message includes a diffstat but without the patch
itself.
On Fri, Sep 10, 2021 at 2:39 AM Noah Misch wrote:
> Revoke PUBLIC CREATE from public schema, now owned by pg_database_owner.
>
> This switches the default ACL to what the documentation has recommended
> since CVE-2018-1058. Upgrades will carry forward any old ownership and
> ACL. Sites that decl
14 matches
Mail list logo
