Quick Links

Re: let's disallow ALTER ROLE bootstrap_superuser NOSUPERUSER

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Robert Haas <robertmhaas(at)gmail(dot)com>
Cc:	"pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: let's disallow ALTER ROLE bootstrap_superuser NOSUPERUSER
Date:	2022-07-21 17:02:50
Message-ID:	75372.1658422970@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> ... if
> we want to regard no-superusers as a supported configuration, we
> probably need to tighten that up. I think it's kind of hopeless,

Yeah, I agree. At least, I'm uninterested in spending any of my
own time trying to make that usefully-more-secure than it is today.
If somebody else is interested enough to do the legwork, we can
look at what they come up with.

regards, tom lane

In response to

Re: let's disallow ALTER ROLE bootstrap_superuser NOSUPERUSER at 2022-07-21 16:47:30 from Robert Haas

Responses

Re: let's disallow ALTER ROLE bootstrap_superuser NOSUPERUSER at 2022-07-21 17:27:26 from Nathan Bossart

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Alvaro Herrera	2022-07-21 17:12:35	Re: PG 15 (and to a smaller degree 14) regression due to ExprEvalStep size
Previous Message	Robert Haas	2022-07-21 16:47:30	Re: let's disallow ALTER ROLE bootstrap_superuser NOSUPERUSER