Hi hackers,
I found a flaw in the ACL_MAINTAIN comment.
Commands such as VACUUM are listed as commands that are allowed to be
executed by the MAINTAIN privilege.
However, LOCK TABLE is missing from the comment.
> /*
> * Check if ACL_MAINTAIN is being checked and, if so, and not already
> set
> * as part of the result, then check if the user is a member of the
> * pg_maintain role, which allows VACUUM, ANALYZE, CLUSTER, REFRESH
> * MATERIALIZED VIEW, and REINDEX on all relations.
> */
Therefore, shouldn't LOCK TABLE be added to the comment?
Best regards,
Yusuke Sugie