Re: [ADMIN] two questions about pg 9.0

From: Guillaume Lelarge <guillaume(at)lelarge(dot)info>
To: pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org>
Cc: Kasia Tuszynska <ktuszynska(at)esri(dot)com>
Subject: Re: [ADMIN] two questions about pg 9.0
Date: 2010-10-15 22:23:57
Message-ID: 4CB8D47D.7070804@lelarge.info
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgadmin-hackers pgsql-admin pgsql-testers

Le 14/10/2010 12:35, Guillaume Lelarge a écrit :
> Le 13/10/2010 23:20, Guillaume Lelarge a écrit :
>> Le 13/10/2010 22:21, Kasia Tuszynska a écrit :
>>> [...]
>>> Thanks for your reply I did a bit more testing with the superuser priv issue, and now I came to the conclusion that pgAdminIII may be doing something silly.
>>>
>>
>> Sure, that happens more than I would like.
>>
>>> I created a user: bob
>>>
>>> In pgAdminIII I checked off the box for: can inherit from parent role, can create db object, superuser
>>> Got the following sql:
>>> CREATE ROLE bob LOGIN
>>> ENCRYPTED PASSWORD 'md51e9484aace238e7cb2609130fd87646e'
>>> SUPERUSER INHERIT CREATEDB NOCREATEROLE;
>>> UPDATE pg_authid SET rolcapupdate=false WHERE rolname='bob';
>>>
>>> Than I created bobb
>>> In pgAdminIII I checked off the box for: can inherit from parent role, can create db object, superuser, Can modify catalog directly
>>> Got the following sql:
>>> CREATE ROLE bobb LOGIN
>>> ENCRYPTED PASSWORD 'md51e9484aace238e7cb2609130fd87646e'
>>> SUPERUSER INHERIT CREATEDB NOCREATEROLE;
>>>
>>> Conclusion:
>>> Sql level superuser = pgAdminIII superuser + can modify catalog directly
>>>
>>> This is misleading, I would call it a pgAdminIII bug but who knows maybe it is a feature...
>>>
>>
>> I would not call it a feature. I find this misleading too. I'm too tired
>> right now to work on a fix, but it'll be easy and quick to do.
>>
>> I have a few things to commit tomorrow. I'll try to work on this at the
>> same time.
>>
>
> OK, was really simple to fix. See the patch attached.
>
> Any comments on this patch? I'm ready to commit it on 1.12 and master,
> if no-one objects.
>

Commited.

--
Guillaume
http://www.postgresql.fr
http://dalibo.com

In response to

Browse pgadmin-hackers by date

  From Date Subject
Next Message Guillaume Lelarge 2010-10-15 22:24:54 Re: two questions about pg 9.0
Previous Message pgAdmin Trac 2010-10-15 22:23:33 Re: [pgAdmin III] #257: UI glitch with superuser /canupdatecatalogs

Browse pgsql-admin by date

  From Date Subject
Next Message Guillaume Lelarge 2010-10-15 22:24:54 Re: two questions about pg 9.0
Previous Message Guillaume Lelarge 2010-10-15 21:47:43 Re: PG 9.0.1 upgrade issues

Browse pgsql-testers by date

  From Date Subject
Next Message Guillaume Lelarge 2010-10-15 22:24:54 Re: two questions about pg 9.0
Previous Message Guillaume Lelarge 2010-10-14 10:35:29 Re: [ADMIN] two questions about pg 9.0