From: | Michael Paquier <michael(at)paquier(dot)xyz> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Nathan Bossart <nathandbossart(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: use has_privs_of_role() for pg_hba.conf |
Date: | 2022-10-08 04:55:50 |
Message-ID: | Y0EC1jqziuXJnFFo@paquier.xyz |
Lists: | pgsql-hackers |
On Fri, Oct 07, 2022 at 07:59:08AM -0400, Robert Haas wrote:
> I hadn't noticed this thread before.
>
> I'm not sure whether this is properly considered a privilege check. It
> could even be an anti-privilege, if the pg_hba.conf line in question
> is marked "reject".
>
> I'm not taking the position that what this patch does is wrong, but I
> *am* taking the position that it's a judgement call what the correct
> behavior is here.
The interpretation can go both ways I guess. Now I find the argument
to treat a HBA entry based on privileges and not membership quite
appealing in terms of consistency with SET ROLE, particularly
considering the recent thread with predefined roles. Also, it seems
to me here that it would become easier to reason around role
hierarchies, one case being HBA entries that include predefined
roles for the role(s) to match.
--
Michael
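
An added illustration, not part of the original message and not PostgreSQL code: a simplified Python model of the two interpretations discussed above for a `+role` user field in pg_hba.conf, one matching on membership and one matching on inherited privileges. The role names other than `pg_read_all_data`, the per-grant inherit flag, the sample HBA lines and all function names are assumptions made for the example.

```python
# Simplified model (an assumption, not PostgreSQL source): each grant
# "member -> group" carries an inherit flag, as set by INHERIT/NOINHERIT.
GRANTS = {
    # constructed sample roles
    "alice": [("app_admins", True)],    # inherits app_admins' privileges
    "bob": [("app_admins", False)],     # member, but needs SET ROLE to use it
    "app_admins": [("pg_read_all_data", True)],  # group holds a predefined role
}


def reachable(user, inherited_only):
    """Roles reachable from user via grants; optionally only inheriting ones."""
    seen, stack = {user}, [user]
    while stack:
        for group, inherit in GRANTS.get(stack.pop(), []):
            if group not in seen and (inherit or not inherited_only):
                seen.add(group)
                stack.append(group)
    return seen


def is_member(user, role):
    """Membership interpretation: any chain of grants counts."""
    return role in reachable(user, inherited_only=False)


def has_privs(user, role):
    """Privilege interpretation: only chains the user inherits through count."""
    return role in reachable(user, inherited_only=True)


def hba_decision(user, lines, check):
    """Return the method of the first line whose user field matches."""
    for field, method in lines:
        if field == "all" or (field.startswith("+") and check(user, field[1:])):
            return method
    return "no match"


# Constructed user/method columns of two HBA lines: a reject, then a fallback.
HBA = [("+pg_read_all_data", "reject"), ("all", "scram-sha-256")]

if __name__ == "__main__":
    for user in ("alice", "bob"):
        print(user, hba_decision(user, HBA, is_member),
              hba_decision(user, HBA, has_privs))
```

In this model `bob`, a non-inheriting member, hits the `reject` line under the membership check but falls through to the next line under the privilege check, which is the case where the choice of interpretation changes the outcome.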