| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Wolfgang Walther <walther(at)technowledgy(dot)de>, PostgreSQL mailing lists <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: User with BYPASSRLS privilege can't change password |
| Date: | 2020-11-03 19:13:13 |
| Message-ID: | CAKFQuwYvEFPRGXv2tbV-2ymsUA+2gTULCab5QH_sm23W8ODW2w@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Tue, Nov 3, 2020 at 12:06 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> "David G. Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> writes:
> > Is the nuance that in reality a non-superuser cannot specify BypassRLS
> even
> > if the effective value is unchanged unimportant here?
>
> I was wondering about that. You could definitely make a case for a
> weaker set of rules here. However, the superuser restriction has been
> like that for 15-ish years without much complaint, so it doesn't seem
> that it bothers people in practice.
>
>
Agreed that the behavior seems fine to keep. Was more about the
documentation saying "change" instead of "specify".
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2020-11-03 20:02:38 | Re: User with BYPASSRLS privilege can't change password |
| Previous Message | Tom Lane | 2020-11-03 19:06:50 | Re: User with BYPASSRLS privilege can't change password |