Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1rT0pH-00HOd4-2w for pgsql-docs@arkaria.postgresql.org; Thu, 25 Jan 2024 14:35:31 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1rT0pF-00HZjR-Od for pgsql-docs@arkaria.postgresql.org; Thu, 25 Jan 2024 14:35:29 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1rT0pF-00HZjJ-Cn for pgsql-docs@lists.postgresql.org; Thu, 25 Jan 2024 14:35:29 +0000 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1rT0pC-003Jc4-FR for pgsql-docs@lists.postgresql.org; Thu, 25 Jan 2024 14:35:27 +0000 Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-a26fa294e56so693530066b.0 for ; Thu, 25 Jan 2024 06:35:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cybertec-at.20230601.gappssmtp.com; s=20230601; t=1706193325; x=1706798125; darn=lists.postgresql.org; h=mime-version:user-agent:content-transfer-encoding:autocrypt :references:in-reply-to:date:cc:to:from:subject:message-id:from:to :cc:subject:date:message-id:reply-to; bh=UFsFDOnnNVsElxriORh9cUVuTf0R0IH2zh7DYXOCrI4=; b=BfoXexdiINRggGAq1np0n60J2Blx3kQOIBQerh2YE0ZyuEnIVRomRiED6/ku1Z39LI 5tUiY2HvsQ06DbRkUQhLuUvx48rAhCVBMi3nLgdRWEyr3FIAoVVzJua/ku/Ir6SeiUpn QrTYD55sBkNC67GZSr9jiATY4tsaKmhOrqq/h/CM4BSVxemTC02eXjxTCrlWShXtUnd2 b7ndvqNN/WbD9DLgXvMxTHuPq4HVTnl48GpqbRyrvvgjTtj1VlU7kSsBYoFKG2Q0+x4u 32cmhLAzq/C9wWf3RQrVJJ32drpgrnjHEedc/xjRlsnVcemMTZilcwQOg4RySzdZDOwx jvUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706193325; x=1706798125; h=mime-version:user-agent:content-transfer-encoding:autocrypt :references:in-reply-to:date:cc:to:from:subject:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=UFsFDOnnNVsElxriORh9cUVuTf0R0IH2zh7DYXOCrI4=; b=HwpWAUSyHh35NcMAK8KMFQRzTJnp6DwWy/Gf1cRDiBLfPgWWbWW6mpAYG2zY0E9Egp g1YqA1xWOy5QHnDJJFZASqbsFhbOMBe2nirnh4OvzGoJ7tZTYntnUG/PnBdsUlO4NEzd j6aFVWstir/sUYwcIklkqk69CaznYBmwYs+0/4arh2jBB3+3GjXoFv2HZ4CHx87GTCAn 9/O9Q6olw3sTEwSEcB9/+tY9k/xXn2YXa+TlpKL2W70X58i90fAuYr9/5+s0noexMnq2 TzWbahXElYXCLpgGLVrVFcZ9gaj0T4qYuVhDKtv6pzh6YYM1cJ1Hpdz9PjsVyi2aDXul TOzw== X-Gm-Message-State: AOJu0YwH05MSCP2c4Yvm+8QPg5//4Qa04LUraGrK88svd4oiHlWRQX9I DUM8wwBdzKzWkFMBzAb5bgBQ0wzTdyKf5/qOgc41Gx2OVR738L9zjHGEJaFcPaM= X-Google-Smtp-Source: AGHT+IEG0jNSGWJND4esMDBIcF3mWXKeNAxc0+VgUfBOTyYOpd5tN0qXtFSTBjh8hCwu7aSVRB93Lg== X-Received: by 2002:a17:907:a0cd:b0:a23:6259:12d2 with SMTP id hw13-20020a170907a0cd00b00a23625912d2mr660437ejc.69.1706193324794; Thu, 25 Jan 2024 06:35:24 -0800 (PST) Received: from localhost.localdomain ([2001:871:5e:69af:d9f7:99cf:f936:5134]) by smtp.gmail.com with ESMTPSA id sn24-20020a170906629800b00a32429e455asm309931ejc.175.2024.01.25.06.35.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jan 2024 06:35:24 -0800 (PST) Message-ID: Subject: Re: SQL command : ALTER DATABASE OWNER TO From: Laurenz Albe To: "David G. Johnston" Cc: gparc@free.fr, pgsql-docs Date: Thu, 25 Jan 2024 15:35:23 +0100 In-Reply-To: References: <2023185982.281851219.1646733038464.JavaMail.root@zimbra15-e2.priv.proxad.net> <1712096587.208766558.1706090901073.JavaMail.zimbra@free.fr> Autocrypt: addr=laurenz.albe@cybertec.at; prefer-encrypt=mutual; keydata=mQINBGGDwAQBEADgbWy5cKXQld3N2mF+DFyiNFbi2oBl2T+XgxpPF8wTRw2D/u4bBKXP0SYSE/lA86jIVNWWU0gf1KODIkVvgJm2w4vH2VBV1b7ddVViGl1Iu+9zaRnv9wulhnH42KefepXnoean6UT1EzLM0opF/Ik0j+40TxdRtobkBprkQUyHDXWlHc2ffPs3SipyFEP9AVLf7ejRC46CXWDnsqjOBSMEW8Z4HiK/8RrPZBsKLts8dJxKF4pygOdJb0CWk8k/X1jbcfdxo+zOLjOMvJcSJ2pFdJmQHU+JufB3rePziqQ2S9Ur6sccr9XnTC1GVBWN4Lf5VHq+vf+bFJjVwg+2hrySZnAVfcOrxoqFLErr7ug1zN2nM1kcpgA4VWn4gxlJtYNYYq+9WxX5dtvnNANlG3ZCrRKQzl8lxtzoF6Zo7LUhEqPaHDwn7Rvs+IdbOn41lF5UDTJGqmC4gS/bZydW2Fy3YWm4aSaN9fgFf8D+PVkrlKAZB7gBLz1TyHjbcRf85cYF+GKKrDld5SzMB/V60VX3oP/Eo8ikFpyWaqiz1f9X7MBot3/PjJkY+wDzp3nmb19QEcOBuQiSQ4xds2r0HewbuHTAR68u8jNNMGmpm2j4x+g09Jd/WQDjqlTBZ/jEltH41fYCCPWMfljXTOOXu2eLNGdfi7ETZogtwjM9oTtSPQARAQABtCdMYXVyZW56IEFsYmUgPGxhdXJlbnouYWxiZUBjeWJlcnRlYy5hdD6JAk4EEwEIADgWIQR0CqhbZGGABqoaSbdi8bhXA2EdmAUCYYPABAIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRBi8bhXA2EdmM/6EADK232JCwmBzhlj8h7U9CjG6kx0JHP3uJGv+XfsHtHAlmY/RCwF1BHMEsRlk bT5UrLvJ2jb99bA9QARzhFaxzyn0F/BUKzuIjRGNs/n6d5dNUFA0kOt8sX+TacmC GEyjEBCrVCm4ranBiUyePn9NhHNWnaex7pJyqvMLLdwW9BEMJx0Fqo+DN8ukbXmYRsmhEtd3ue+x/luYmOmJnaGtzInaY5aOJYbW9XqoRIZkZvOCgbi1FfvNmoqWa+3oVxTOgw9RafjJDyW0lTHzKGjbGI5ofMU98l+/hKJFYJqWUF6VpFJY5YIcN/1lf4ZICMwDl+MPIVo/tpq8L10seJL28nLlvw3K+cI+TVW8IW/qL/LyVoDofI3USeOORuYmhpWRhik8JXX6xf3v6GrRilJIPWNFIJbxm1ZblQiQnOw3IOW7T+8nAmPin1HKqM3VrOrJQ2VtShsefNBibNAsr1oFaqcDBkn3yGG8i6CTW+FyO4PZ+/EwNxMVgktxbYdy5AT1/lpXr5tB+phhLIyVfiBvrWs5EThxYMQ/L8Y85c3GMsAy1l/x4h3jqySIYy3SCU9+jc5UVuNnXljbvkEzJ+NLWJ6C1rACFWrMszgPdh5tCrlRY9PpmYll4JbCgb8BtxEIUmR+xr50/ZElEK5iml7Q00KUekCcDt+36PsyGFTXBzNOrkCDQRhg8AEARAAzOZ2tLHlI4rrhG411h6cdCFjBZxuljaFCxFyHn3m6wbGLqwBUWC5k8UrRqjHMz88KcTSaNO7XGAmCqPdWd2SeflPZRnNTbjsVpw7mLdffsBm4JX7kki2Pvk5h0NtYeidXT1PSpc2ri4DutYXuT9uD8RAm1wUDCE5HQNUihT/WH6opt+hskHW21uHao0+y822tG0QQcGMqdQR5Vxdxj89wiEPdqW+HpU/oOZIhrf2E7prduAppxixjHy/o1rcnoznnJvc8D3+YgI9O0LrBMij89dM55pRGbLovTR1oGR3U74sX774+0xmSzeIKwZfiMUz7Atlvfk5SHOsRUFPN2Ux9kaXiiBibQpHFxt7b lDrT4wxdLJ/XCdbPPAyl+lZtOLsaHEEZvYNyTXwZc35dVf3R4/oz20HoG6s7ct8e1 AQygj43XAERzty9SkWgxs8+grp1PrGx6FHVSYRqBM8dS/ZR6yRVwOwJXPyaSSqfIF21DkE4j1y4n+ItSewPGoRp8K/yWCikt6qlkVkO2ASNIiX04fAbtzwVOaNn8ZMRNqyvLc1fED4sr49onE4cAIcBLjcC3KL+w9DUGRQCdziROj5H2Yl/sXGPdMciUHo/Uz2rggc+2th3bQiMhrHWSsBpUkDQp0yWewemstPpPgBL3h2fHKaX8B9oH5Qu/H1IgrOuX8AEQEAAYkCNgQYAQgAIBYhBHQKqFtkYYAGqhpJt2LxuFcDYR2YBQJhg8AEAhsMAAoJEGLxuFcDYR2YuPwQAMkpGtR80pQ1gVsONhdkqj0H2eU66efP/gO3CoyaoIcvrpKYj7C2HipVSmkt1gpByL0X4AMQ/vKuknUz3wd28Ba+G1dCfbVs/Xiusq+SmpUj5rTwmYqdSjWMuCo1R6oS5hdJMdUUJYGMT0QkVlm1KnW8jkmCTl9GzjDxOAsN9O6/6lPzaGFtk9XF+34Bry/N4HKiJkqpC4+UTd0AprPfzJ2jdT64e1F0+W88X8y1bTTgNrHwK4mDiLnlE4SKRuEm54lNhJz//ar86Or5BErzNpM6TL7lk44QS06hwsMrEdKIy8J/SYJPjfzR8tIUnKscclVpOgjKaBqC+0iFiVaRqAgfOlIEiezX6kMh5Q2FIUfqs46qWhhXjRrdKOEoStYAaikdLu5ZXr7vfb0ZaDh+ZwTQtbSMFolyOkecwI81MCdbMfT/1TqIGTOdAj5as9fAakk0jb2pXgUYQ8X1DVTR8ahSDVEaw9VTmWiSvTxvguVJ1Mb7gG4Gmh6aviDTJhfXtH4rPUNXhDLqrTH8JkJjyKROOMakIF68Hjse5vUfUxreBEOtb5r1Coa2Fe7ncJayaSE7ryrDbFqpZ 36UMAx4ulWMyqJajLNGY0DdG8qIsR5nxRhrnK/mrCidZ8F9/D3bWAl4rjtHlsztN59 +AnW5l0HsQcY9ntFL/zEBOaonjdJf Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.50.3 (3.50.3-1.fc39) MIME-Version: 1.0 List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Wed, 2024-01-24 at 16:04 -0700, David G. Johnston wrote: > Here's a slightly more detailed patch to consider to cover both the trans= ference of ownership as well as documenting precisely what ownership means. >=20 > diff --git a/doc/src/sgml/ddl.sgml b/doc/src/sgml/ddl.sgml > index fc03a349f0..c8866ee9c7 100644 > --- a/doc/src/sgml/ddl.sgml > +++ b/doc/src/sgml/ddl.sgml > @@ -1856,15 +1856,12 @@ ALTER TABLE products RENAME TO items; >=20 > =C2=A0 =C2=A0 > =C2=A0 =C2=A0 When an object is created, it is assigned an owner. The > - =C2=A0 owner is normally the role that executed the creation statement. > - =C2=A0 For most kinds of objects, the initial state is that only the ow= ner > - =C2=A0 (or a superuser) can do anything with the object. To allow > - =C2=A0 other roles to use it, privileges must be > - =C2=A0 granted. > + =C2=A0 owner is the role that executed the creation statement > + =C2=A0 unless the statement itself specifies an owner. > =C2=A0 =C2=A0 Ok, you want to describe that in more detail. But you should preserve the when the term is used for the first time. > =C2=A0 =C2=A0 > - =C2=A0 There are different kinds of privileges: SELECT, > + =C2=A0 There are different kinds of grantable privileges: SELE= CT, > =C2=A0 =C2=A0 INSERT, UPDATE, DELETE, > =C2=A0 =C2=A0 TRUNCATE, REFERENCES,= TRIGGER, > =C2=A0 =C2=A0 CREATE, CONNECT, TEMPORARY, We use "privilege" for the rights you can grant everywhere else, so you'd have to change that all over the documentation. I don't think we should randomly change our terminology. I see that you didn't change the . I understand that you want to disambiguate between "grantable privileges" and "inherent privileges" like the right to drop an object. Note that the documentation is careful to avoid the term "privilege" when speaking about the latter: below, it says "The *right* to modify or destroy an object is inherent in being the object's owner". We should leave that as it is. > @@ -1877,13 +1874,27 @@ ALTER TABLE products RENAME TO items; > =C2=A0 =C2=A0 these privileges are used. > =C2=A0 =C2=A0 >=20 > + =C2=A0 > + =C2=A0 Upon object creation the owner is granted all grantable privileg= es > + =C2=A0 on the object.=C2=A0 Additionally, the built-in PUBLIC privilege= s of > + =C2=A0 the associated object type are granted.=C2=A0 Lastly, if any hav= e been defined, > + =C2=A0 the system grants the default privileges for the object type to = the defined roles. > + =C2=A0 All of these privileges can be revoked. > + =C2=A0 > + Perhaps it would be better to say "has the privileges" than "is granted the privileges", because there is nothing specifically granted (the ACL is = NULL). Also, I don't think we should burden the user with ALTER DEFAULT PRIVILEGES right here, where we speak about ownership. Default privileges are discrib= ed in some detail further down, which I believe is sufficient. In the same vein, the page describes further down that "An object's owner c= an choose to revoke their own ordinary privileges, for example ...". Again, n= o need to mention it another time (before it is discussed). > =C2=A0 =C2=A0 > =C2=A0 =C2=A0 The right to modify or destroy an object is inherent in bei= ng the > =C2=A0 =C2=A0 object's owner, and cannot be granted or revoked in itself. > - =C2=A0 (However, like all privileges, that right can be inherited by > + =C2=A0 (However, like the grantable privileges, that right can be inher= ited by > =C2=A0 =C2=A0 members of the owning role; see .) > =C2=A0 =C2=A0 See above. > + =C2=A0 > + =C2=A0 Another inherent right the owner of an object has is to grant al= l > + =C2=A0 grantable privileges on that object to any database role, includ= ing > + =C2=A0 their own. > + =C2=A0 > + Again, that's mostly a repetition: "Ordinarily, only the object's owner (or= a superuser) can grant or revoke privileges on an object." > @@ -1893,6 +1904,11 @@ ALTER TABLE table_name = OWNER TO new_owne > =C2=A0 =C2=A0 Superusers can always do this; ordinary roles can only do i= t if they are > =C2=A0 =C2=A0 both the current owner of the object (or inherit the privil= eges of the > =C2=A0 =C2=A0 owning role) and able to SET ROLE to the= new owning role. > + =C2=A0 The reassignment process involves changing the recorded owner of= the object in > + =C2=A0 the appropriate system catalog, as well as changing all referenc= es > + =C2=A0 (grantor and grantee) to the old role in the Access Control List= (ACL, see below) > + =C2=A0 column to the new role; leaving the old role without any direct = privileges on the object. > + =C2=A0 Multiple privilege entries with the same grantor and grantee are= consolidated into a single entry. > =C2=A0 =C2=A0 This change is fundamentally OK, although I doubt that we need to get as de= tailed as to how multiple access control items get consolidated. I think we should say "owner" instead of "recorded owner". Also, is it nec= essary to detail to the level of system catalog columns? Yours, Laurenz Albe