| From: | "Drouvot, Bertrand" <bertranddrouvot(dot)pg(at)gmail(dot)com> |
|---|---|
| To: | Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Add a new BGWORKER_BYPASS_ROLELOGINCHECK flag |
| Date: | 2023-10-06 06:48:32 |
| Message-ID: | 06124373-5fdd-4925-9424-9d036d481f3b@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On 10/5/23 6:23 PM, Bharath Rupireddy wrote:
> On Thu, Oct 5, 2023 at 9:32 PM Drouvot, Bertrand
> <bertranddrouvot(dot)pg(at)gmail(dot)com> wrote:
>>
>> + CREATE ROLE nologrole with nologin;
>> + GRANT CREATE ON DATABASE mydb TO nologrole;
>
> A few nit-picks:
>
> 1. s/with/WITH
> 2. s/nologin/NOLOGIN
done in v8 attached.
> 3. + is specified as <varname>flags</varname> it is possible to
> bypass the login check to connect to databases.
> How about "it is possible to bypass the login check for the role used
> to connect to databases."?
>
"for the role used" sounds implicit to me but I don't have a strong opinion
about it so re-worded as per your proposal in v8.
Regards,
--
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
| Attachment | Content-Type | Size |
|---|---|---|
| v8-0001-Allow-background-workers-to-bypass-login-check.patch | text/plain | 11.4 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2023-10-06 06:50:30 | Re: Use FD_CLOEXEC on ListenSockets (was Re: Refactoring backend fork+exec code) |
| Previous Message | Peter Smith | 2023-10-06 06:44:32 | PGDOCS - add more links in the pub/sub reference pages |