Skip site navigation (1) Skip section navigation (2)

Re: CREATE USER

From: Jaime Casanova <jaime(at)2ndquadrant(dot)com>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com>, pgsql-docs <pgsql-docs(at)postgresql(dot)org>
Subject: Re: CREATE USER
Date: 2012-05-03 19:05:49
Message-ID: CAJKUy5g+rf-k0FqS1-oXh2UgC2qM_cykxi94eg9nywo6aV2L6A@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-docs
On Wed, May 2, 2012 at 12:09 PM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> On Tue, Apr 24, 2012 at 2:55 AM, Jaime Casanova <jaime(at)2ndquadrant(dot)com> wrote:
>> On Tue, Dec 13, 2011 at 11:27 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>>>
>>> I think it might be sane to emit a WARNING suggesting that CREATEUSER
>>> might not mean what you think, but failing is probably not good.
>>>
>>
>> are we going to do this in this release?
>> i never was able to think in a good phrasing for this, though
>
> I actually think we should just leave this alone.  There is a
> limitless number of things that someone could potentially be confused
> by if they fail to read the documentation, and we can't warn about all
> of them.
>

maybe is not very helpful, but it can't hurt... hey! it can save you
because you maybe used CREATEUSER with the intention of CREATEROLE,
and ended up with a user with restricted privileges that is actually a
SUPERUSER... that's bad and is a POLA violation.

is worse because we are the ones causing the confusion consider the syntax:
CREATE USER = CREATE ROLE
IN GROUP = IN ROLE
USER = ROLE

CREATEUSER != CREATEROLE
CREATEUSER = SUPERUSER

-- 
Jaime Casanova         www.2ndQuadrant.com
Professional PostgreSQL: Soporte 24x7 y capacitación

In response to

Responses

pgsql-docs by date

Next:From: Josh KupershmidtDate: 2012-05-05 00:37:09
Subject: Capitalization of 'TimeZone' GUC
Previous:From: Robert HaasDate: 2012-05-02 17:09:39
Subject: Re: CREATE USER

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group