Jeff Davis writes:
> On Tue, 2010-09-07 at 13:30 -0700, David Fetter wrote:
>> Offhand, I'm not thinking of past examples of mutating/disappearing
>> GUC that people would want to freeze, nor of a new GUC that would
>> negate or substantially alter such freezing. What have I missed?
> It just se
On Tue, 2010-09-07 at 14:49 -0700, David Fetter wrote:
> There are two problems at hand here, as I see it: the more general
> problem of "freezing" settings for a given role, and the very specific
> capability of guaranteeing read-only-ness, which could have large
> implications in, for example, da
On Tue, Sep 07, 2010 at 02:43:12PM -0700, Jeff Davis wrote:
> On Tue, 2010-09-07 at 13:30 -0700, David Fetter wrote:
> > Offhand, I'm not thinking of past examples of mutating/disappearing
> > GUC that people would want to freeze, nor of a new GUC that would
> > negate or substantially alter such f
On Tue, 2010-09-07 at 13:30 -0700, David Fetter wrote:
> Offhand, I'm not thinking of past examples of mutating/disappearing
> GUC that people would want to freeze, nor of a new GUC that would
> negate or substantially alter such freezing. What have I missed?
If you'll allow me to change my argum
On Tue, Sep 07, 2010 at 12:41:51PM -0700, Jeff Davis wrote:
> On Tue, 2010-09-07 at 11:39 -0700, David Fetter wrote:
> > We'd like to create a role called read_only, with eponymous
> > capability.
>
> Seems useful.
Great to hear :)
> > If so, is it more
> > DCL-ish, or more DDL-ish?
>
> I don't
On Tue, 2010-09-07 at 11:39 -0700, David Fetter wrote:
> We'd like to create a role called read_only, with eponymous
> capability.
Seems useful.
> If so, is it more
> DCL-ish, or more DDL-ish?
I don't like the idea of a security model relying on the ability (or
lack thereof) to set GUCs. Imagine
Folks,
I noticed a little unimplemented feature which I suspect a lot of
people would find useful, namely the ability to "freeze" certain
settings for a role.
Example: We'd like to create a role called read_only, with eponymous
capability. At the moment, we can't do what's below, but I'd like to
