Re: non-superusers are allowed to drop the replication user, but are not allowed to alter or even create them, is that ok?

From: Mark Dilger <mark(dot)dilger(at)enterprisedb(dot)com>
To: Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com>
Cc: PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: non-superusers are allowed to drop the replication user, but are not allowed to alter or even create them, is that ok?
Date: 2021-09-30 15:10:06
Message-ID: F1EFCFFF-EC9E-42D1-9C3C-3741C553CE34@enterprisedb.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

> On Sep 30, 2021, at 3:07 AM, Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com> wrote:
>
> While working on one of the internal projects I noticed that currently in Postgres, we do not allow normal users to alter attributes of the replication user. However we do allow normal users to drop replication users or to even rename it using the alter command. Is that behaviour ok? If yes, can someone please help me understand how and why this is okay.

The definition of CREATEROLE is a bit of a mess. Part of the problem is that roles do not have owners, which makes the permissions to drop roles work differently than for other object types. I have a patch pending [1] for the version 15 development cycle that fixes this and other problems. I'd appreciate feedback on the design and whether it addresses your concerns.

[1] https://commitfest.postgresql.org/34/3223/


Mark Dilger
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Jacob Champion 2021-09-30 16:04:39 Re: Support for NSS as a libpq TLS backend
Previous Message Dmitry Dolgov 2021-09-30 15:09:57 Re: pg_stat_statements and "IN" conditions