Re: User with BYPASSRLS privilege can't change password
David G. Johnston <david.g.johnston@gmail.com>
From: "David G. Johnston" <david.g.johnston@gmail.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Stephen Frost <sfrost@snowman.net>,
Wolfgang Walther <walther@technowledgy.de>, PostgreSQL mailing lists <pgsql-bugs@lists.postgresql.org>
Date: 2020-11-03T19:13:13Z
Lists: pgsql-bugs
On Tue, Nov 3, 2020 at 12:06 PM Tom Lane <tgl@sss.pgh.pa.us> wrote: > "David G. Johnston" <david.g.johnston@gmail.com> writes: > > Is the nuance that in reality a non-superuser cannot specify BypassRLS > even > > if the effective value is unchanged unimportant here? > > I was wondering about that. You could definitely make a case for a > weaker set of rules here. However, the superuser restriction has been > like that for 15-ish years without much complaint, so it doesn't seem > that it bothers people in practice. > > Agreed that the behavior seems fine to keep. Was more about the documentation saying "change" instead of "specify". David J.
Commits
-
Improve error messages around REPLICATION and BYPASSRLS properties.
- 17fb60387ce3 14.0 landed
-
Allow users with BYPASSRLS to alter their own passwords.
- df4405b78485 10.15 landed
- d907bd0543aa 14.0 landed
- 77df80cf691a 9.5.24 landed
- 768dbef0d498 13.1 landed
- 501035a0ac7f 11.10 landed
- 136f87ea57b3 12.5 landed
- 04c4b495b1c9 9.6.20 landed
-
Row-Level Security Policies (RLS)
- 491c029dbc42 9.5.0 cited