* Robert Haas (robertmh...@gmail.com) wrote:
> On Tue, Apr 26, 2016 at 7:39 PM, Robert Haas <robertmh...@gmail.com> wrote:
> > On Mon, Apr 25, 2016 at 6:55 PM, Stephen Frost <sfr...@snowman.net> wrote:
> >> Based on our discussion at PGConf.US and the comments up-thread from
> >> Tom, I'll work up a patch to remove those checks around SET ROLE and
> >> friends which were trying to prevent default roles from possibly being
> >> made to own objects.
> >>
> >> Should the checks, which have been included since nearly the start of
> >> this version of the patch, to prevent users from GRANT'ing other rights
> >> to the default roles remain? Or should those also be removed? I
> >> *think* pg_dump/pg_upgrade would be fine with rights being added, and if
> >> we aren't preventing ownership of objects then we aren't going to be
> >> able to remove such roles in any case.
> >
> > It'd be good to test that that works. If it does, I think we may as
> > well allow it.
> >
> >> Of course, with these default roles, users can't REVOKE the rights which
> >> are granted to them as that happens in C code, outside of the GRANT
> >> system.
> >
> > I think you mean that they can't revoke the special magic rights, but
> > they could revoke any additional privileges which were granted.
> >
> >> Working up a patch to remove these checks should be pretty quickly done
> >> (iirc, I've actually got an independent patch around from when I added
> >> them, just need to find it and then go through the committed patches to
> >> make sure I take care of everything), but would like to make sure that
> >> we're now all on the same page and that *all* of these checks should be
> >> removed, making default roles just exactly like "regular" roles, except
> >> that they're created at initdb time and have "special" rights provided
> >> by C-level code checks.
> >
> > That's what I'm thinking. I would welcome other views.
>
> Ping!

Thanks. I'm planning to post a patch tomorrow to remove these checks.

Thanks again!

Stephen