Re: fixing CREATEROLE

Robert Haas <robertmhaas@gmail.com>

From: Robert Haas <robertmhaas@gmail.com>
To: "David G. Johnston" <david.g.johnston@gmail.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Alvaro Herrera <alvherre@alvh.no-ip.org>, Mark Dilger <mark.dilger@enterprisedb.com>, walther@technowledgy.de, "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Date: 2025-05-01T18:22:56Z
Lists: pgsql-hackers
On Wed, Apr 30, 2025 at 5:16 PM David G. Johnston
<david.g.johnston@gmail.com> wrote:
> On Wed, Apr 30, 2025 at 1:29 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> But don't we need to add
>>
>> createrole_self_grant to the set of GUCs that pg_dump[all]
>> resets in the emitted SQL?
>>
>
> The other approach would be to do what we do for the role options and just specify everything explicitly in the dump.  The GUC is only a default specifier so let's not leave room for defaults in the dump file.

+1 for considering that option, although I am not sure which way is better.

-- 
Robert Haas
EDB: http://www.enterprisedb.com



Commits

  1. Add new GUC createrole_self_grant.

  2. Restrict the privileges of CREATEROLE users.

  3. Pass down current user ID to AddRoleMems and DelRoleMems.

  4. Refactor permissions-checking for role grants.

  5. Improve documentation of the CREATEROLE attibute.

  6. Make role grant system more consistent with other privileges.