Noah Misch <noah(at)leadboat(dot)com> writes:
> Let's look at the behavior of DDL-exposed access constraints for precedent. We
> currently have three paradigms for applying access control to superusers:
> 1. Settings that affect superusers and regular users identically. These include
> ALTER ROLE ... LOGIN | VALID UNTIL.
> 2. Rights that superusers possess implicitly and irrevocably; the actual setting
> recorded in pg_authid or elsewhere has no effect. These include GRANT ... ON
> TABLE and ALTER ROLE ... CREATEDB | CREATEROLE.
> 3. ALTER ROLE ... REPLICATION is very similar to #1, except that CREATE ROLE
> ... SUPERUSER implies CREATE ROLE ... SUPERUSER REPLICATION.
>
> I think we should merge #3 into #2; nothing about the REPLICATION setting
> justifies a distinct paradigm.

Yeah, there's much to be said for that. I thought the notion of a
privilege that superusers might not have was pretty bogus to start with.
rolcatupdate isn't a very good precedent to rely on because it's never
been documented or used to any noticeable extent, so there's no reason
to think that it provides a tested-and-accepted behavior.

regards, tom lane