| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Allow users with BYPASSRLS to alter their own passwords. |
| Date: | 2020-11-03 20:41:56 |
| Message-ID: | E1ka37s-0005o3-TI@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Allow users with BYPASSRLS to alter their own passwords.
The intention in commit 491c029db was to require superuserness to
change the BYPASSRLS property, but the actual effect of the coding
in AlterRole() was to require superuserness to change anything at all
about a BYPASSRLS role. Other properties of a BYPASSRLS role should
be changeable under the same rules as for a normal role, though.
Fix that, and also take care of some documentation omissions related
to BYPASSRLS and REPLICATION role properties.
Tom Lane and Stephen Frost, per bug report from Wolfgang Walther.
Back-patch to all supported branches.
Discussion: https://postgr.es/m/a5548a9f-89ee-3167-129d-162b5985fcf8@technowledgy.de
Branch
------
REL9_5_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/77df80cf691af9270ef52d860b5615d6d0a7afbc
Modified Files
--------------
doc/src/sgml/ref/alter_role.sgml | 6 ++++--
doc/src/sgml/ref/create_role.sgml | 11 +++++++++--
src/backend/commands/user.c | 10 ++++++----
3 files changed, 19 insertions(+), 8 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2020-11-03 20:49:11 | pgsql: Improve error messages around REPLICATION and BYPASSRLS properti |
| Previous Message | Peter Eisentraut | 2020-11-03 14:50:54 | pgsql: Disallow ALTER TABLE ONLY / DROP EXPRESSION |