On 1/19/23 3:05 PM, tushar wrote:
which was working previously without patch.
My bad, I was testing against PG v15 but this issue is not reproducible on master (without patch).
As you mentioned- "This implements the standard idea that you can't give permissions you don't have (but you can give the ones you do have)" but here the role is having createrole privilege that he cannot pass on to another user? Is this expected?
postgres=# create role fff with createrole; CREATE ROLE postgres=# create role xxx; CREATE ROLE postgres=# set role fff; SET postgres=> alter role xxx with createrole; ERROR: permission denied postgres=> -- regards,tushar EnterpriseDB https://www.enterprisedb.com/ The Enterprise PostgreSQL Company
