Re: Role membership and DROP

Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> writes:
> On Wed, 2019-11-13 at 17:17 -0500, Tom Lane wrote:
>> It might be worth clarifying this point in section 5.7,
>> https://www.postgresql.org/docs/devel/ddl-priv.html
>> but let's not duplicate that in every ref/ page.

> I have attached a proposed patch.

<para>
The right to modify or destroy an object is always the privilege of
- the owner only.
+ the owner. Like all privileges, that right can be inherited by members of
+ the owning role.
</para>

Hm. This is more or less contradicting the original meaning of the
existing sentence, so maybe we need to rewrite a bit more. What do
you think of

The right to modify or destroy an object is inherent in being the
object's owner. Like all privileges, that right can be inherited by
members of the owning role; but there is no way to grant or revoke
it more selectively.

A larger problem (pre-existing, since there's a reference to being a
member of the owning role just a bit further down) is that I don't think
we've defined role membership at this point, so the reader is quite
entitled to come away more confused than they were before. It might not
be advisable to try to cover role membership here, but we should at
least add a cross-reference to where it's explained.

regards, tom lane