| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Toomas <toomas(dot)kristin(at)gmail(dot)com> |
| Cc: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>, Vijaykumar Jain <vijaykumarjain(dot)github(at)gmail(dot)com>, pgsql-general <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Can db user change own password? |
| Date: | 2021-10-21 17:51:49 |
| Message-ID: | 2441078.1634838709@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Toomas <toomas(dot)kristin(at)gmail(dot)com> writes:
> 2) db=> select current_user, session_user;
> current_user | session_user
> --------------+--------------
> db_owner | db_user
> (1 row)
Given that setup, I wonder which role you expected \password to change.
If we target the current_user, we can expect the command to succeed.
I'm just wondering if people will find that surprising.
Targeting the session_user might be less surprising (or not?)
but as this example shows, it can fail.
One thing that would help, regardless of which definition we think
is most appropriate, is to have \password explicitly say which role
it's intending to set the password for:
db=> \password
Enter new password for role "dbowner":
Enter it again:
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Saurav Sarkar | 2021-10-21 18:33:39 | Re: Connection queuing by connection pooling libraries |
| Previous Message | Tom Lane | 2021-10-21 17:44:33 | Re: Can db user change own password? |