Christophe Pettus <xof(at)thebuild(dot)com> writes:
>> On Jul 8, 2024, at 13:25, Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> wrote:
>> I didn't test it, but doesn't that allow the member rule to drop objects owned
>> be the role it is a member of?
> No, apparently not.
IIUC, you need at least one of SET TRUE and INHERIT TRUE to be able to
access the privileges of the role you are nominally a member of. This
extends to ownership checks as well as grantable privileges.
regards, tom lane