Re: Preventing non-superusers from altering session authorization
Joseph Koshakow <koshy44@gmail.com>
From: Joseph Koshakow <koshy44@gmail.com>
To: Nathan Bossart <nathandbossart@gmail.com>
Cc: PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2023-07-10T20:46:07Z
Lists: pgsql-hackers
On Mon, Jul 10, 2023 at 4:32 PM Nathan Bossart <nathandbossart@gmail.com> wrote: > Okay. Here's a new patch set in which I believe I've addressed all > feedback. I didn't keep the GetAuthenticatedUserIsSuperuser() helper > function around, as I didn't see a strong need for it. Thanks, I think the patch set looks good to go! > And I haven't > touched the "is_superuser" GUC, either. I figured we can take up any > changes for it in the other thread. Yeah, I think that makes sense. Thanks, Joe Koshakow
Commits
-
Fix privilege check for SET SESSION AUTHORIZATION.
- a0363ab7aafd 17.0 landed
-
Move privilege check for SET SESSION AUTHORIZATION.
- 9987a7bf3406 17.0 landed
-
Rename session_auth_is_superuser to current_role_is_superuser.
- 0fef87753828 17.0 landed