Improve documentation of the CREATEROLE attibute.

Robert Haas <rhaas@postgresql.org>

Commit: 5136c3fb575bb46f5f33c0485c972aa5dea0757a
Author: Robert Haas <rhaas@postgresql.org>
Date: 2023-01-03T19:57:40Z
Releases: 14.7
Improve documentation of the CREATEROLE attibute.

In user-manag.sgml, document precisely what privileges are conveyed
by CREATEROLE. Make particular note of the fact that it allows
changing passwords and granting access to high-privilege roles.
Also remove the suggestion of using a user with CREATEROLE and
CREATEDB instead of a superuser, as there is no real security
advantage to this approach.

Elsewhere in the documentation, adjust text that suggests that
<literal>CREATEROLE</literal> only allows for role creation, and
refer to the documentation in user-manag.sgml as appropriate.

Patch by me, reviewed by Álvaro Herrera

Discussion: http://postgr.es/m/CA+TgmoZBsPL8nPhvYecx7iGo5qpDRqa9k_AcaW1SbOjugAY1Ag@mail.gmail.com

Files

Documentation touched

Discussion