From: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Subject: | use has_privs_of_role() for pg_hba.conf |
Date: | 2022-04-01 22:06:48 |
Message-ID: | 20220401220648.GA615994@nathanxps13 |
Lists: | pgsql-hackers |
Hi hackers,
6198420 ensured that has_privs_of_role() is used for predefined roles,
which means that the role inheritance hierarchy is checked instead of mere
role membership. However, inheritance is still not respected for
pg_hba.conf. Specifically, "samerole", "samegroup", and "+" still use
is_member_of_role_nosuper().
The attached patch introduces has_privs_of_role_nosuper() and uses it for
the aforementioned pg_hba.conf functionality. I think this is desirable
for consistency. If a role_a has membership in role_b but none of its
privileges (i.e., NOINHERIT), does it make sense that role_a should match
+role_b in pg_hba.conf? It is true that role_a could always "SET ROLE
role_b", and with this change, the user won't even have the ability to log
in to run SET ROLE. But I'm not sure if that's a strong enough argument
for deviating from the standard role privilege checks.
Thoughts?
--
Nathan Bossart
Amazon Web Services: https://aws.amazon.com
Attachment | Content-Type | Size |
---|---|---|
v1-0001-Use-has_privs_of_role-for-samerole-samegroup-and-.patch | text/x-diff | 7.5 KB |
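The distinction the mail turns on, as an added example that is not part of the original message or of the attached patch: pg_has_role() with 'MEMBER' answers the question is_member_of_role() asks (is there a grant, inherited or not?), while 'USAGE' answers the one has_privs_of_role() asks (does the role actually hold the other role's privileges through inheritance?). The role names role_a and role_b follow the mail; the LOGIN/NOINHERIT attributes, the scratch database and the SET SESSION AUTHORIZATION step (which stands in for logging in as role_a so the whole script runs in one superuser session) are assumptions for the demonstration.

```sql
-- Added example, not from the mail or the patch. Run as a superuser on a
-- scratch database; the role names follow the mail, the attributes are assumed.
CREATE ROLE role_b NOLOGIN;
CREATE ROLE role_a LOGIN NOINHERIT;
GRANT role_b TO role_a;

-- Membership regardless of inheritance: this is the question
-- is_member_of_role() asks, and what "+role_b", "samerole" and "samegroup"
-- in pg_hba.conf match before the patch.
SELECT pg_has_role('role_a', 'role_b', 'MEMBER') AS is_member;

-- Privileges of the role: this is the question has_privs_of_role() asks and
-- what the patch would make pg_hba.conf use. role_a is NOINHERIT, so it is a
-- member of role_b without holding role_b's privileges.
SELECT pg_has_role('role_a', 'role_b', 'USAGE') AS has_privs;

-- The escape hatch the mail mentions: once logged in, role_a can still
-- SET ROLE to role_b. SET SESSION AUTHORIZATION stands in for a login as
-- role_a so the script stays in one session.
SET SESSION AUTHORIZATION role_a;
SET ROLE role_b;
SELECT current_user, session_user;
RESET ROLE;
RESET SESSION AUTHORIZATION;

-- With INHERIT the two checks agree, so for such roles the pg_hba.conf
-- match is the same before and after the patch.
ALTER ROLE role_a INHERIT;
SELECT pg_has_role('role_a', 'role_b', 'USAGE') AS has_privs_after_inherit;

DROP ROLE role_a;
DROP ROLE role_b;
```

Expected results: is_member is true, has_privs is false, the SELECT after SET ROLE shows current_user role_b with session_user role_a, and has_privs_after_inherit is true. Mapped onto a pg_hba.conf line such as `host all +role_b 0.0.0.0/0 scram-sha-256`, the NOINHERIT role_a matches that line with the current is_member_of_role_nosuper() check and would stop matching it with the proposed has_privs_of_role_nosuper() check. Two caveats: keep the demo roles non-superuser, because pg_has_role() takes the superuser shortcut that the _nosuper variants named in the mail deliberately skip; and the example only illustrates the semantics, it does not exercise the patch, which has to be applied and the server restarted to observe the pg_hba.conf behaviour itself.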