| From: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
|---|---|
| To: | Yurii Rashkovskii <yrashk(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: SET ROLE documentation improvement |
| Date: | 2023-09-15 20:47:11 |
| Message-ID: | 20230915204711.GA2005906@nathanxps13 |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Sep 15, 2023 at 11:26:16AM -0700, Yurii Rashkovskii wrote:
> I believe SET ROLE documentation makes a slightly incomplete statement
> about what happens when a superuser uses SET ROLE.
>
> The documentation reading suggests that the superuser would lose all their
> privileges. However, they still retain the ability to use `SET ROLE` again.
>
> The attached patch adds this bit to the documentation.
IMO this is arguably covered by the following note:
The specified <replaceable class="parameter">role_name</replaceable>
must be a role that the current session user is a member of.
(If the session user is a superuser, any role can be selected.)
But I don't see a big issue with clarifying things further as you propose.
I think another issue is that the aforementioned note doesn't mention the
new SET option added in 3d14e17.
--
Nathan Bossart
Amazon Web Services: https://aws.amazon.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nathan Bossart | 2023-09-15 20:53:01 | Re: ALTER ROLE documentation improvement |
| Previous Message | Chapman Flack | 2023-09-15 20:39:42 | semantics of "convenient to store" in FmgrInfo ? |