On 4/12/21 10:37 PM, Tom Lane wrote: > Andrey Borodin <x4...@yandex-team.ru> writes: >> Currently only superuser is allowed to create LEAKPROOF functions >> because leakproof functions can see tuples which have not yet been >> filtered out by security barrier views or row level security >> policies. > > Yeah. > >> But managed cloud services typically do not provide superuser >> roles. > > This is not a good argument for relaxing superuser requirements. >
I guess for the cloud services it's not an issue - they're mostly concerned about manageability and restricting access to the OS. It's unfortunate that we tie the this capability to being superuser, so maybe the right solution would be to introduce a separate role with this privilege? regards -- Tomas Vondra EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
