On Mon, Apr 25, 2016 at 6:55 PM, Stephen Frost <sfr...@snowman.net> wrote: > Based on our discussion at PGConf.US and the comments up-thread from > Tom, I'll work up a patch to remove those checks around SET ROLE and > friends which were trying to prevent default roles from possibly being > made to own objects. > > Should the checks, which have been included since nearly the start of > this version of the patch, to prevent users from GRANT'ing other rights > to the default roles remain? Or should those also be removed? I > *think* pg_dump/pg_upgrade would be fine with rights being added, and if > we aren't preventing ownership of objects then we aren't going to be > able to remove such roles in any case.
It'd be good to test that that works. If it does, I think we may as well allow it. > Of course, with these default roles, users can't REVOKE the rights which > are granted to them as that happens in C code, outside of the GRANT > system. I think you mean that they can't revoke the special magic rights, but they could revoke any additional privileges which were granted. > Working up a patch to remove these checks should be pretty quickly done > (iirc, I've actually got an independent patch around from when I added > them, just need to find it and then go through the committed patches to > make sure I take care of everything), but would like to make sure that > we're now all on the same page and that *all* of these checks should be > removed, making default roles just exactly like "regular" roles, except > that they're created at initdb time and have "special" rights provided > by C-level code checks. That's what I'm thinking. I would welcome other views. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers