Re: fixing CREATEROLE

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Robert Haas <robertmhaas@gmail.com>
Cc: "David G. Johnston" <david.g.johnston@gmail.com>, Alvaro Herrera <alvherre@alvh.no-ip.org>, Mark Dilger <mark.dilger@enterprisedb.com>, walther@technowledgy.de, "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Date: 2025-05-07T17:16:48Z
Lists: pgsql-hackers
Robert Haas <robertmhaas@gmail.com> writes:
> On Mon, May 5, 2025 at 8:35 AM Robert Haas <robertmhaas@gmail.com> wrote:
>> So it seems like the only real fix is to do as Tom proposes:
>> # But don't we need to add
>> # createrole_self_grant to the set of GUCs that pg_dump[all]
>> # resets in the emitted SQL?

> Tom, are you hoping that I'm going to produce a patch for this, or are
> you planning to produce one?

I wasn't planning to write the patch, no.  I don't think there's any
great urgency about it, now that we've missed the deadline for the
May releases.  If it gets done by August, it's fine.

			regards, tom lane



Commits

  1. Add new GUC createrole_self_grant.

  2. Restrict the privileges of CREATEROLE users.

  3. Pass down current user ID to AddRoleMems and DelRoleMems.

  4. Refactor permissions-checking for role grants.

  5. Improve documentation of the CREATEROLE attibute.

  6. Make role grant system more consistent with other privileges.