Re: CREATEROLE users vs. role properties

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: tushar <tushar(dot)ahuja(at)enterprisedb(dot)com>
Cc: Nathan Bossart <nathandbossart(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: CREATEROLE users vs. role properties
Date: 2023-01-19 15:04:11
Message-ID: CA+TgmoZ6XEcsL6Gt5Yq22ciVa0D_67Xq1RJSEAN_X4AmH+b9PQ@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Thu, Jan 19, 2023 at 6:15 AM tushar <tushar(dot)ahuja(at)enterprisedb(dot)com> wrote:
> postgres=# create role fff with createrole;
> CREATE ROLE
> postgres=# create role xxx;
> CREATE ROLE
> postgres=# set role fff;
> SET
> postgres=> alter role xxx with createrole;
> ERROR: permission denied
> postgres=>

Here fff would need ADMIN OPTION on xxx to be able to make modifications to it.

See https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=cf5eb37c5ee0cc54c80d95c1695d7fca1f7c68cb

--
Robert Haas
EDB: http://www.enterprisedb.com

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Masahiko Sawada 2023-01-19 15:18:02 Re: [PoC] Improve dead tuple storage for lazy vacuum
Previous Message Peter Eisentraut 2023-01-19 14:27:20 Re: ANY_VALUE aggregate