Robert Haas:
I think to change the owner of an object from role A to role B, you just
need a different "privilege" on that role B to "use" the role that way,
which is distinct from INHERIT or SET ROLE "privileges".
It's not distinct, though, because if you can transfer ownership of a
table to another user, you can use that ability to gain the privileges
of that user.
Right, but the inverse is not neccessarily true, so you could have SET
ROLE privileges, but not "USAGE" - and then couldn't change the owner of
an object to this role.
USAGE is not a good term, because it implies "least amount of
privileges", but in this case it's quite the opposite.
In any case, adding a grant option for SET ROLE, while keeping the
required privileges for a transfer of ownership at the minimum
(membership only), doesn't really make sense. I guess both threads
should be discussed together?
Best
Wolfgang
