Hi Kasia, Le 13/10/2010 22:21, Kasia Tuszynska a écrit : > [...] > Thanks for your reply I did a bit more testing with the superuser priv issue, > and now I came to the conclusion that pgAdminIII may be doing something silly. >
Sure, that happens more than I would like. > I created a user: bob > > In pgAdminIII I checked off the box for: can inherit from parent role, can > create db object, superuser > Got the following sql: > CREATE ROLE bob LOGIN > ENCRYPTED PASSWORD 'md51e9484aace238e7cb2609130fd87646e' > SUPERUSER INHERIT CREATEDB NOCREATEROLE; > UPDATE pg_authid SET rolcapupdate=false WHERE rolname='bob'; > > Than I created bobb > In pgAdminIII I checked off the box for: can inherit from parent role, can > create db object, superuser, Can modify catalog directly > Got the following sql: > CREATE ROLE bobb LOGIN > ENCRYPTED PASSWORD 'md51e9484aace238e7cb2609130fd87646e' > SUPERUSER INHERIT CREATEDB NOCREATEROLE; > > Conclusion: > Sql level superuser = pgAdminIII superuser + can modify catalog directly > > This is misleading, I would call it a pgAdminIII bug but who knows maybe it > is a feature... > I would not call it a feature. I find this misleading too. I'm too tired right now to work on a fix, but it'll be easy and quick to do. I have a few things to commit tomorrow. I'll try to work on this at the same time. Thanks for your inputs. -- Guillaume http://www.postgresql.fr http://dalibo.com -- Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
