| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Andrew Gierth <andrew(at)tao11(dot)riddles(dot)org(dot)uk> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "bossartn(at)amazon(dot)com" <bossartn(at)amazon(dot)com>, "pgsql-bugs(at)postgresql(dot)org" <pgsql-bugs(at)postgresql(dot)org> |
| Subject: | Re: BUG #14242: Role with a setconfig "role" setting to a nonexistent role causes pg_upgrade to fail |
| Date: | 2016-07-12 00:05:40 |
| Message-ID: | CAKFQuwaJi9SJnaKsU8rK5zqZE0RyTVvoCa9XMLLjBB+K67e_4g@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Mon, Jul 11, 2016 at 7:36 PM, Andrew Gierth <andrew(at)tao11(dot)riddles(dot)org(dot)uk>
wrote:
> Tom> If the named role is the same as the actual role, then it's
> Tom> useless. If they're different, it seems at best confusing. In
> Tom> the context of ALTER DATABASE SET, it seems both confusing and
> Tom> possibly a security hazard.
>
> It _appears_ to silently fail if the user logging in is not actually a
> member of the specified role. I have not looked at the code.
>
WARNING:\s\spermission denied to set role "grouprole"
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David G. Johnston | 2016-07-12 02:08:54 | Re: BUG #14242: Role with a setconfig "role" setting to a nonexistent role causes pg_upgrade to fail |
| Previous Message | David G. Johnston | 2016-07-12 00:01:30 | Re: BUG #14242: Role with a setconfig "role" setting to a nonexistent role causes pg_upgrade to fail |