Re: set role command

pg254kl@georgiou.vip

From: pg254kl@georgiou.vip
To: Calvin Guo <newoakllc2023@gmail.com>,"pgsql-generallists.postgresql.org" <pgsql-general@lists.postgresql.org>
Date: 2025-11-24T22:30:14Z
Lists: pgsql-general
Just because you did set role does not mean you lost your superuser 
privileges, it's correct behavior.

If you want to impersonate in a permissions sandbox it's easy:

create role usera_sandbox in group usera;
\c - usera_sandbox

-- 
regards,
Kiriakos Georgiou


On 11/24/25 3:15 AM, Calvin Guo - newoakllc2023 at gmail.com wrote:
> I feel that set role logic is kindof misleading.
>
> I am a superuser, admin,
> I do:
> set role usera
> Now I am under the security context of usera, so I think running any 
> sql is safe as long as it's allowed by usera.
>
> Which is not the case!
> as usera can do:
> set role userb; other sql,
> or
> reset role; orther sql,
> it turns out it's not safe at all, the sql can easily get access right 
> of the super user. it can impernate userb though they do not have any 
> relationship whatso ever.
>
> I really feel, once you "set role usera", you should behave like 
> usera, you should NOT have the power say: hi, I can assume my super 
> user power whenever I want. As this make the "set role usera" pretty 
> much useless.
>
> It's unsafe!