Quick Links

Re: User with BYPASSRLS privilege can't change password

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Wolfgang Walther <walther(at)technowledgy(dot)de>
Cc:	Stephen Frost <sfrost(at)snowman(dot)net>, pgsql-bugs(at)lists(dot)postgresql(dot)org
Subject:	Re: User with BYPASSRLS privilege can't change password
Date:	2020-11-03 18:19:01
Message-ID:	958492.1604427541@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

Wolfgang Walther <walther(at)technowledgy(dot)de> writes:
> This is because the "must be superuser to alter replication users"
> condition only triggers when the altered role already has isrepliaction,
> so isreplication could very well be >= 0 here.

How do you figure that? This is in an "else" path after

else if (authform->rolreplication || isreplication >= 0)

so AFAICS it's impossible to get there. If it isn't impossible,
we have a much bigger hole with respect to issuper.

regards, tom lane

In response to

Re: User with BYPASSRLS privilege can't change password at 2020-11-03 18:05:32 from Wolfgang Walther

Responses

Re: User with BYPASSRLS privilege can't change password at 2020-11-03 18:26:13 from Wolfgang Walther

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Wolfgang Walther	2020-11-03 18:26:13	Re: User with BYPASSRLS privilege can't change password
Previous Message	Tom Lane	2020-11-03 18:17:23	Re: User with BYPASSRLS privilege can't change password