| From: | Mark Dilger <mark(dot)dilger(at)enterprisedb(dot)com> |
|---|---|
| To: | Joshua Brindle <joshua(dot)brindle(at)crunchydata(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PATCH] remove is_member_of_role() from header, add can_set_role() |
| Date: | 2021-10-27 17:12:16 |
| Message-ID: | B96909D5-A0FB-45BA-B53A-38360886AA4A@enterprisedb.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On Oct 27, 2021, at 9:26 AM, Joshua Brindle <joshua(dot)brindle(at)crunchydata(dot)com> wrote:
>
> As a follow-on to Conflation of member/privs for predefined roles,
> this removes is_member_of_role from the header to dissuade it's use
> for privilege checking. Since SET ROLE must use membership rather than
> privileges a new, explicitly named can_set_role() function is
> exported.
>
> is_member_of_role_nosuper() still exists for the following purposes:
> - membership loop checking in user.c
> - membership matching for pg_hba.conf in hba.c
>
> Other uses of is_member_of_role_nosuper() should be avoided.
> <0001-unexport-is_member_of_role-add-can_set_role.patch>
I don't understand the purpose of this. You are defining can_set_role(member,role) as a simple wrapper around is_member_of_role(member,role). Couldn't the comment:
+ *
+ * Do not use this for privilege checking, instead use has_privs_of_role()
be added to the header for is_member_of_role() without needing the new wrapper function?
—
Mark Dilger
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joshua Brindle | 2021-10-27 17:17:38 | Re: [PATCH] remove is_member_of_role() from header, add can_set_role() |
| Previous Message | Jonathan S. Katz | 2021-10-27 16:53:44 | Re: allowing "map" for password auth methods with clientcert=verify-full |