Re: superusers are members of all roles?

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Robert Haas <robertmhaas(at)gmail(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: superusers are members of all roles?
Date: 2011-04-07 14:14:39
Message-ID: 20110407141439.GD4548@tamriel.snowman.net
Lists: pgsql-hackers

* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> The problem here is that if Andrew had had the opposite case (a
> positive-logic hba entry requiring membership in some group to get into
> a database), and that had locked out superusers, he'd be on the warpath
> about that too. And with a lot more reason.

I disagree about this. I don't feel that the 'superuser is a member of
every role' behavior is what's really crucial here, it's that a
superuser can 'set role' to any other role and can grant/revoke
role memberships, and read every table, etc.

The fact that we're doing that by making the superuser be a member of
every role feels more like an implementation detail, one which has now
bitten us because it's affecting things that it really shouldn't. The
'+group' list should be derivable from pg_auth_members and not include
'implicit' roles.

Thanks,

Stephen
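The distinction Stephen draws above, as an added example that is not part of the original message: the query contrasts pg_has_role(), which like the '+group' check in pg_hba.conf treats a superuser as a member of every role, with membership derived only from explicit grants recorded in pg_auth_members (followed through nested roles). The roles app_users, app_admins, alice and bob are constructed for the demo; run it as a superuser to see the two columns disagree for your own login.

```sql
-- Constructed demo roles (not from the thread); adjust or drop as needed.
CREATE ROLE app_users  NOLOGIN;
CREATE ROLE app_admins NOLOGIN IN ROLE app_users;   -- nested: admins are users
CREATE ROLE alice LOGIN IN ROLE app_admins;         -- reaches app_users indirectly
CREATE ROLE bob   LOGIN;                             -- member of nothing

-- Explicit membership: only what is recorded in pg_auth_members,
-- expanded transitively (member of X, X member of Y => member of Y).
-- PostgreSQL rejects circular role grants, so the recursion terminates.
WITH RECURSIVE explicit_membership AS (
    SELECT m.member, m.roleid
    FROM   pg_auth_members m
  UNION
    SELECT em.member, m.roleid
    FROM   explicit_membership em
    JOIN   pg_auth_members m ON m.member = em.roleid
)
SELECT u.rolname                              AS login_role,
       u.rolsuper                             AS is_superuser,
       -- what '+app_users' in pg_hba.conf effectively tests:
       pg_has_role(u.oid, g.oid, 'MEMBER')    AS implicit_match,
       -- what Stephen argues the '+group' check should test instead:
       EXISTS (SELECT 1
               FROM   explicit_membership em
               WHERE  em.member = u.oid
               AND    em.roleid = g.oid)      AS explicit_match
FROM   pg_roles u
CROSS JOIN pg_roles g
WHERE  g.rolname = 'app_users'
AND    (u.rolname IN ('alice', 'bob') OR u.rolname = current_user)
ORDER  BY u.rolname;
```

Expected: alice is true in both columns (via app_admins), bob is false in both, and a superuser login shows implicit_match = true but explicit_match = false, which is exactly the gap the message describes.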
