Re: privileges oddity

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Scott Ribe <scott_ribe(at)elevated-dev(dot)com>
Cc: Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>, PostgreSQL General <pgsql-general(at)lists(dot)postgresql(dot)org>
Subject: Re: privileges oddity
Date: 2020-08-07 18:45:00
Message-ID: 2793218.1596825900@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Scott Ribe <scott_ribe(at)elevated-dev(dot)com> writes:
> On Aug 7, 2020, at 12:27 PM, Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> wrote:
>> So what privileges does role 'confidential_read_only' have?

> read on everything

... including usage on the schema in question?

If I'm reading this correctly, you have set things up so that any
session logging in as akanzler will immediately do "SET ROLE
confidential_read_only", after which it's the privileges of that
role not akanzler that determine what happens.

regards, tom lane

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Scott Ribe 2020-08-07 18:56:06 Re: privileges oddity
Previous Message Scott Ribe 2020-08-07 18:35:25 Re: privileges oddity