|From:||Stephen Frost <sfrost(at)snowman(dot)net>|
|To:||Wolfgang Walther <walther(at)technowledgy(dot)de>|
|Cc:||Robert Haas <robertmhaas(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>|
|Subject:||Re: has_privs_of_role vs. is_member_of_role, redux|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
* Wolfgang Walther (walther(at)technowledgy(dot)de) wrote:
> Robert Haas:
> > I don't think we're going to be very happy if we redefine inheriting
> > the privileges of another role to mean inheriting only some of them.
> > That seems pretty counterintuitive to me. I also think that this
> > particular definition is pretty fuzzy.
> Scratch my previous suggestion. A new, less fuzyy definition would be:
> Ownership is not a privilege itself and as such not inheritable.
One of the reasons the role system was brought into being was explicitly
to allow other roles to have ownership-level rights on objects that they
didn't directly own.
I don't see us changing that.
|Next Message||Andres Freund||2022-09-26 19:44:35||Re: [RFC] building postgres with meson - v13|
|Previous Message||Stephen Frost||2022-09-26 19:40:08||Re: has_privs_of_role vs. is_member_of_role, redux|