On Sun, Sep 11, 2011 at 10:32 PM, Stephen Frost <sfr...@snowman.net> wrote: > * Andrew Dunstan (and...@dunslane.net) wrote: >> > Address problem where superusers are assumed to be members of all >> > groups >> > >> > http://archives.postgresql.org/pgsql-hackers/2011-04/msg00337.php >> >> This turns out to be a one-liner. > > I really don't know that I agree with removing this, to be honest.. I > haven't got time at the moment to really discuss it, but at the very > least, not being able to 'set role' to any user when postgres would be > REALLY annoying..
Sure. But I don't believe anyone has proposed changing that. What we're talking about here is that, for example, setting a reject rule for a certain group in pg_hba.conf will always match superusers, even though they're not in that group. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers