use has_privs_of_role() for pg_hba.conf
Nathan Bossart <nathandbossart@gmail.com>
From: Nathan Bossart <nathandbossart@gmail.com>
To: pgsql-hackers@postgresql.org
Date: 2022-04-01T22:06:48Z
Lists: pgsql-hackers
Attachments
Hi hackers, 6198420 ensured that has_privs_of_role() is used for predefined roles, which means that the role inheritance hierarchy is checked instead of mere role membership. However, inheritance is still not respected for pg_hba.conf. Specifically, "samerole", "samegroup", and "+" still use is_member_of_role_nosuper(). The attached patch introduces has_privs_of_role_nosuper() and uses it for the aforementioned pg_hba.conf functionality. I think this is desirable for consistency. If a role_a has membership in role_b but none of its privileges (i.e., NOINHERIT), does it make sense that role_a should match +role_b in pg_hba.conf? It is true that role_a could always "SET ROLE role_b", and with this change, the user won't even have the ability to log in to run SET ROLE. But I'm not sure if that's a strong enough argument for deviating from the standard role privilege checks. Thoughts? -- Nathan Bossart Amazon Web Services: https://aws.amazon.com
Commits
-
Add TAP tests for role membership in pg_hba.conf
- 8432a815feb8 16.0 landed