Re: Report of PGcon2010

[Stephen Frost <sfrost@snowman.net>]

[-- Attachment #1: Type: text/plain, Size: 1409 bytes --]

Greg, all,

* Greg Smith (greg@2ndquadrant.com) wrote:
> This pushes off the problem of how to keep labels consistent in the face
> of things like table changes to being a database superuser only task,
> not one you can delegate to other users.

As an additional side-note that might be relevant to this community,
I've been talking to some of the other PG developers (Tom Lane, Robert
Haas, etc) about adding more granularity to the PG role options to
eliminate the need to have an actual PG "super-user".  There are still
some specific tasks which require super-user (in particular, the
"replication" user must be a super-user, the user which can issue
pg_start_backup/pg_stop_backup commands, etc), but if we make those into
separately tracked options, we could provide a system with no user
having the actual "super-user" bit set which would still be very usable.

I'm hoping to target that for 9.1, but I certainly can't make any
promises.  One thing to note in all of this, as has likely been said
here already, right now this is just about all spare-time work by the PG
individuals and companies who are interested in it.  Organizations
interested in this speaking up that they'd like to use it, or even
better sponsor work on it, in whatever way they can, would certainly
increase the availability of PG community resources for this project and
things like RLS being added to PG.

	Thanks!

		Stephen

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]