[Doc Patch] Clarify that CREATEROLE roles can GRANT default roles

From: Michael Banck <michael(dot)banck(at)credativ(dot)de>
To: PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org>
Subject: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles
Date: 2020-11-27 22:49:59
Message-ID: 2160a5071a7bb5339055b04a8cad81a822be9d8d.camel@credativ.de
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers


https://www.postgresql.org/docs/current/default-roles.html mentions the
"Administrator" several times, but does not specify it further. I
understand that it is mentioned elsewhere [1], but I think it would be
beneficial to remind the reader on that page at least once that
"Administrators" includes "roles with the CREATEROLE privilege" in the
context of GRANTing and REVOKEing default privileges, e.g. with the
attached patch.


[1] e.g. at https://www.postgresql.org/docs/current/sql-createrole.html
it is mentioned that CREATEROLE privs can be regarded as "almost-superuser-roles"

Michael Banck
Projektleiter / Senior Berater
Tel.: +49 2166 9901-171
Fax: +49 2166 9901-100
Email: michael(dot)banck(at)credativ(dot)de

credativ GmbH, HRB Mönchengladbach 12080
USt-ID-Nummer: DE204566209
Trompeterallee 108, 41189 Mönchengladbach
Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer

Unser Umgang mit personenbezogenen Daten unterliegt
folgenden Bestimmungen: https://www.credativ.de/datenschutz

Attachment Content-Type Size
default-roles-createrole.patch text/x-patch 899 bytes


Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2020-11-27 23:45:57 Re: Improving spin-lock implementation on ARM.
Previous Message Stephen Frost 2020-11-27 22:01:36 Re: Log message for GSS connection is missing once connection authorization is successful.