Improve documentation of the CREATEROLE attibute. In user-manag.sgml, document precisely what privileges are conveyed by CREATEROLE. Make particular note of the fact that it allows changing passwords and granting access to high-privilege roles. Also remove the suggestion of using a user with CREATEROLE and CREATEDB instead of a superuser, as there is no real security advantage to this approach.
Elsewhere in the documentation, adjust text that suggests that <literal>CREATEROLE</literal> only allows for role creation, and refer to the documentation in user-manag.sgml as appropriate. Patch by me, reviewed by Álvaro Herrera Discussion: http://postgr.es/m/ca+tgmozbspl8nphvyecx7igo5qpdrqa9k_acaw1sbojugay...@mail.gmail.com Branch ------ REL_13_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/5dac191edf1816860993e5f43b817eafcece1166 Modified Files -------------- doc/src/sgml/ref/alter_role.sgml | 2 +- doc/src/sgml/ref/create_role.sgml | 10 ++++----- doc/src/sgml/ref/createuser.sgml | 18 ++++++++++----- doc/src/sgml/user-manag.sgml | 47 +++++++++++++++++++++++++++------------ 4 files changed, 52 insertions(+), 25 deletions(-)
