| From: | "Drouvot, Bertrand" <bertranddrouvot(dot)pg(at)gmail(dot)com> |
|---|---|
| To: | Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Add a new BGWORKER_BYPASS_ROLELOGINCHECK flag |
| Date: | 2023-10-10 04:57:05 |
| Message-ID: | 590ec36a-13cb-4253-934b-b6a220d1026e@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On 10/6/23 8:48 AM, Drouvot, Bertrand wrote:
> Hi,
>
> On 10/5/23 6:23 PM, Bharath Rupireddy wrote:
>> On Thu, Oct 5, 2023 at 9:32 PM Drouvot, Bertrand
>> <bertranddrouvot(dot)pg(at)gmail(dot)com> wrote:
>>>
>>> + CREATE ROLE nologrole with nologin;
>>> + GRANT CREATE ON DATABASE mydb TO nologrole;
>>
>> A few nit-picks:
>>
>> 1. s/with/WITH
>> 2. s/nologin/NOLOGIN
>
> done in v8 attached.
>
>> 3. + is specified as <varname>flags</varname> it is possible to
>> bypass the login check to connect to databases.
>> How about "it is possible to bypass the login check for the role used
>> to connect to databases."?
>>
>
> "for the role used" sounds implicit to me but I don't have a strong opinion
> about it so re-worded as per your proposal in v8.
>
Please find attached v9 (v8 rebase due to f483b2090).
Regards,
--
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
| Attachment | Content-Type | Size |
|---|---|---|
| v9-0001-Allow-background-workers-to-bypass-login-check.patch | text/plain | 11.4 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alexander Korotkov | 2023-10-10 05:18:46 | Re: On login trigger: take three |
| Previous Message | Gurjeet Singh | 2023-10-10 04:55:29 | Minor edit to src/bin/pg_upgrade/IMPLEMENTAION |