Set GUC "is_superuser" in all processes that set AuthenticatedUserId.
It was always false in single-user mode, in autovacuum workers, and in background workers. This had no specifically-identified security consequences, but non-core code or future work might make it security-relevant. Back-patch to v11 (all supported versions). Jelte Fennema-Nio. Reported by Jelte Fennema-Nio. Branch ------ REL_15_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/fbc3719094150f5718cc55a80b3c98edf4188ef9 Modified Files -------------- src/backend/utils/init/miscinit.c | 8 ++++++++ 1 file changed, 8 insertions(+)
