Re: superusers are members of all roles?

Andrew Dunstan <andrew@dunslane.net>

From: Andrew Dunstan <andrew@dunslane.net>
To: Stephen Frost <sfrost@snowman.net>
Cc: Bruce Momjian <bruce@momjian.us>, Robert Haas <robertmhaas@gmail.com>, Tom Lane <tgl@sss.pgh.pa.us>, pgsql-hackers@postgresql.org
Date: 2011-09-12T03:29:59Z
Lists: pgsql-hackers

On 09/11/2011 10:32 PM, Stephen Frost wrote:
> * Andrew Dunstan (andrew@dunslane.net) wrote:
>>> 	Address problem where superusers are assumed to be members of all groups
>>> 	
>>> 	    http://archives.postgresql.org/pgsql-hackers/2011-04/msg00337.php
>> This turns out to be a one-liner.
> I really don't know that I agree with removing this, to be honest..  I
> haven't got time at the moment to really discuss it, but at the very
> least, not being able to 'set role' to any user when postgres would be
> REALLY annoying..
>
> 	

It's NOT changing that. All this affects is how +groupname is treated in 
pg_hba.conf, i.e. do we treat every superuser there as being a member of 
every group.

cheers

andrew