On Sun, Sep 11, 2011 at 10:32 PM, Stephen Frost <sfr...@snowman.net> wrote:
> * Andrew Dunstan (and...@dunslane.net) wrote:
>> >     Address problem where superusers are assumed to be members of all 
>> > groups
>> >
>> >         http://archives.postgresql.org/pgsql-hackers/2011-04/msg00337.php
>> This turns out to be a one-liner.
> I really don't know that I agree with removing this, to be honest..  I
> haven't got time at the moment to really discuss it, but at the very
> least, not being able to 'set role' to any user when postgres would be
> REALLY annoying..

Sure.  But I don't believe anyone has proposed changing that.  What
we're talking about here is that, for example, setting a reject rule
for a certain group in pg_hba.conf will always match superusers, even
though they're not in that group.

Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to