Tom Lane wrote:
How dangerous is it to UPDATE pg_class
directly, perhaps copying the relacl column for a table that I've
done by hand with GRANT.
You can do it, and it will seem to work. However, unless you also
make
entries in pg_shdepend, bad things will happen if you later drop
any of
the users mentioned in the ACL. Your code will also be vulnerable to
breakage in future releases if we change any of these details.
A better approach is to write a plpgsql function that assembles and
EXECUTEs the required GRANT commands.
Okay, thanks - guess it's time to learn some real plpgsql control
structures.
- John Burger
MITRE
