Re: superusers are members of all roles?
Stephen Frost <sfrost@snowman.net>
From: Stephen Frost <sfrost@snowman.net>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Robert Haas <robertmhaas@gmail.com>, Andrew Dunstan <andrew@dunslane.net>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2011-04-07T14:14:39Z
Lists: pgsql-hackers
* Tom Lane (tgl@sss.pgh.pa.us) wrote: > The problem here is that if Andrew had had the opposite case (a > positive-logic hba entry requiring membership in some group to get into > a database), and that had locked out superusers, he'd be on the warpath > about that too. And with a lot more reason. I disagree about this. I don't feel that the 'superuser is a member of every role' behavior is what's really crucial here, it's that a superuser can 'set role' to any other role and can grant/revoke role memberships, and read every table, etc. The fact that we're doing that by making the superuser be a member of every role feels more like an implementation detail- one which has now bitten us because it's affecting things that it really shouldn't. The '+group' list should be derivable from pg_auth_members and not include 'implicit' roles. Thanks, Stephen