Tom Lane writes:
> Hm. That seems to be another reason to unify usesysid and grosysid into
> a single unique something-id. Which probably implies unifying pg_shadow
> and pg_group into one table.
Maybe this is too radical, but why not merge "user" and "group" into one
animal? Both exist to bear privileges. The only difference is that
groups can contain other bearers of privileges, but then a user is just a
special case with zero members. Once you allow groups to have the
possibilities that users currently have (createdb privilege, object
ownership), there is no difference left. Of course, one such "animal"
would be the session user and interact with pg_hba.conf, but that is just
an ID, which may as well be a group.
--
Peter Eisentraut peter_e@gmx.net