Thread
Commits
-
Clarify that CREATEROLE roles are considered Administrators
- 30b26dfac7db 14.0 landed
-
[Doc Patch] Clarify that CREATEROLE roles can GRANT default roles
Michael Banck <michael.banck@credativ.de> — 2020-11-27T22:49:59Z
Hi, https://www.postgresql.org/docs/current/default-roles.html mentions the "Administrator" several times, but does not specify it further. I understand that it is mentioned elsewhere [1], but I think it would be beneficial to remind the reader on that page at least once that "Administrators" includes "roles with the CREATEROLE privilege" in the context of GRANTing and REVOKEing default privileges, e.g. with the attached patch. Michael [1] e.g. at https://www.postgresql.org/docs/current/sql-createrole.html it is mentioned that CREATEROLE privs can be regarded as "almost-superuser-roles" -- Michael Banck Projektleiter / Senior Berater Tel.: +49 2166 9901-171 Fax: +49 2166 9901-100 Email: michael.banck@credativ.de credativ GmbH, HRB Mönchengladbach 12080 USt-ID-Nummer: DE204566209 Trompeterallee 108, 41189 Mönchengladbach Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer Unser Umgang mit personenbezogenen Daten unterliegt folgenden Bestimmungen: https://www.credativ.de/datenschutz
-
Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles
Masahiko Sawada <sawada.mshk@gmail.com> — 2020-12-28T11:41:19Z
Hi Michael, On Sat, Nov 28, 2020 at 7:50 AM Michael Banck <michael.banck@credativ.de> wrote: > > Hi, > > https://www.postgresql.org/docs/current/default-roles.html mentions the > "Administrator" several times, but does not specify it further. I > understand that it is mentioned elsewhere [1], but I think it would be > beneficial to remind the reader on that page at least once that > "Administrators" includes "roles with the CREATEROLE privilege" in the > context of GRANTing and REVOKEing default privileges, e.g. with the > attached patch. > You sent in your patch, default-roles-createrole.patch to pgsql-hackers on Nov 28, but you did not post it to the next CommitFest[1]. If this was intentional, then you need to take no action. However, if you want your patch to be reviewed as part of the upcoming CommitFest, then you need to add it yourself before 2021-01-01 AoE[2]. Thanks for your contributions. Regards, [1] https://commitfest.postgresql.org/31/ [2] https://en.wikipedia.org/wiki/Anywhere_on_Earth -- Masahiko Sawada EnterpriseDB: https://www.enterprisedb.com/
-
Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles
Michael Banck <michael.banck@credativ.de> — 2020-12-31T15:05:20Z
Hi, Am Montag, den 28.12.2020, 20:41 +0900 schrieb Masahiko Sawada: > On Sat, Nov 28, 2020 at 7:50 AM Michael Banck <michael.banck@credativ.de> wrote: > > https://www.postgresql.org/docs/current/default-roles.html mentions the > > "Administrator" several times, but does not specify it further. I > > understand that it is mentioned elsewhere [1], but I think it would be > > beneficial to remind the reader on that page at least once that > > "Administrators" includes "roles with the CREATEROLE privilege" in the > > context of GRANTing and REVOKEing default privileges, e.g. with the > > attached patch. > > > > You sent in your patch, default-roles-createrole.patch to > pgsql-hackers on Nov 28, but you did not post it to the next > CommitFest[1]. If this was intentional, then you need to take no > action. However, if you want your patch to be reviewed as part of the > upcoming CommitFest, then you need to add it yourself before > 2021-01-01 AoE[2]. Thanks for your contributions. Thanks for reminding me, I've done so now[1]. Michael [1] https://commitfest.postgresql.org/31/2921/ -- Michael Banck Projektleiter / Senior Berater Tel.: +49 2166 9901-171 Fax: +49 2166 9901-100 Email: michael.banck@credativ.de credativ GmbH, HRB Mönchengladbach 12080 USt-ID-Nummer: DE204566209 Trompeterallee 108, 41189 Mönchengladbach Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer Unser Umgang mit personenbezogenen Daten unterliegt folgenden Bestimmungen: https://www.credativ.de/datenschutz
-
Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles
Robert Treat <rob@xzilla.net> — 2021-02-23T06:18:50Z
On Thu, Dec 31, 2020 at 10:05 AM Michael Banck <michael.banck@credativ.de> wrote: > > Hi, > > Am Montag, den 28.12.2020, 20:41 +0900 schrieb Masahiko Sawada: > > On Sat, Nov 28, 2020 at 7:50 AM Michael Banck <michael.banck@credativ.de> wrote: > > > https://www.postgresql.org/docs/current/default-roles.html mentions the > > > "Administrator" several times, but does not specify it further. I > > > understand that it is mentioned elsewhere [1], but I think it would be > > > beneficial to remind the reader on that page at least once that > > > "Administrators" includes "roles with the CREATEROLE privilege" in the > > > context of GRANTing and REVOKEing default privileges, e.g. with the > > > attached patch. > > > Took look at the wording and +1 from me on the proposed change. FWIW, I believe the preceding sentence would be more grammatically correct if the word "which" was replaced with "that", ie. PostgreSQL provides a set of default roles /that/ provide access to certain, commonly needed, privileged capabilities and information. Robert Treat https://xzilla.net
-
Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles
Magnus Hagander <magnus@hagander.net> — 2021-03-06T17:12:50Z
On Tue, Feb 23, 2021 at 7:19 AM Robert Treat <rob@xzilla.net> wrote: > > On Thu, Dec 31, 2020 at 10:05 AM Michael Banck > <michael.banck@credativ.de> wrote: > > > > Hi, > > > > Am Montag, den 28.12.2020, 20:41 +0900 schrieb Masahiko Sawada: > > > On Sat, Nov 28, 2020 at 7:50 AM Michael Banck <michael.banck@credativ.de> wrote: > > > > https://www.postgresql.org/docs/current/default-roles.html mentions the > > > > "Administrator" several times, but does not specify it further. I > > > > understand that it is mentioned elsewhere [1], but I think it would be > > > > beneficial to remind the reader on that page at least once that > > > > "Administrators" includes "roles with the CREATEROLE privilege" in the > > > > context of GRANTing and REVOKEing default privileges, e.g. with the > > > > attached patch. > > > > > > Took look at the wording and +1 from me on the proposed change. FWIW, > I believe the preceding sentence would be more grammatically correct > if the word "which" was replaced with "that", ie. PostgreSQL provides > a set of default roles /that/ provide access to certain, commonly > needed, privileged capabilities and information. Applied, including the suggested change from Robert. -- Magnus Hagander Me: https://www.hagander.net/ Work: https://www.redpill-linpro.com/
-
Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles
Michael Banck <michael.banck@credativ.de> — 2021-03-06T22:08:44Z
On Sat, Mar 06, 2021 at 06:12:50PM +0100, Magnus Hagander wrote: > On Tue, Feb 23, 2021 at 7:19 AM Robert Treat <rob@xzilla.net> wrote: > > On Thu, Dec 31, 2020 at 10:05 AM Michael Banck > > <michael.banck@credativ.de> wrote: > > > Am Montag, den 28.12.2020, 20:41 +0900 schrieb Masahiko Sawada: > > > > On Sat, Nov 28, 2020 at 7:50 AM Michael Banck <michael.banck@credativ.de> wrote: > > > > > https://www.postgresql.org/docs/current/default-roles.html mentions the > > > > > "Administrator" several times, but does not specify it further. I > > > > > understand that it is mentioned elsewhere [1], but I think it would be > > > > > beneficial to remind the reader on that page at least once that > > > > > "Administrators" includes "roles with the CREATEROLE privilege" in the > > > > > context of GRANTing and REVOKEing default privileges, e.g. with the > > > > > attached patch. > > > > Took look at the wording and +1 from me on the proposed change. FWIW, > > I believe the preceding sentence would be more grammatically correct > > if the word "which" was replaced with "that", ie. PostgreSQL provides > > a set of default roles /that/ provide access to certain, commonly > > needed, privileged capabilities and information. > > Applied, including the suggested change from Robert. Thanks! Michael -- Michael Banck Projektleiter / Senior Berater Tel.: +49 2166 9901-171 Fax: +49 2166 9901-100 Email: michael.banck@credativ.de credativ GmbH, HRB Mönchengladbach 12080 USt-ID-Nummer: DE204566209 Trompeterallee 108, 41189 Mönchengladbach Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer Unser Umgang mit personenbezogenen Daten unterliegt folgenden Bestimmungen: https://www.credativ.de/datenschutz