From: | Jeff Davis <pgsql(at)j-davis(dot)com> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com>, Benoit Lobréau <benoit(dot)lobreau(at)dalibo(dot)com> |
Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Questions about the new subscription parameter: password_required |
Date: | 2023-09-23 01:57:19 |
Message-ID: | cf7c8ed9e2da20e7bd0de6362cb342d2a1492074.camel@j-davis.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Fri, 2023-09-22 at 08:36 -0400, Robert Haas wrote:
> On Fri, Sep 22, 2023 at 4:25 AM Benoit Lobréau
> <benoit(dot)lobreau(at)dalibo(dot)com> wrote:
> > Can we consider adding something like this to clarify?
> >
> > """
> > This parameter is enforced when the CREATE SUBSCRIPTION or ALTER
> > SUBSCRIPTION .. CONNECTION commands are executed. Therefore, it's
> > possible to alter the ownership of a subscription with
> > password_required=true to a non-superuser.
> > """
>
> I'm not sure of the exact wording, but there was another recent
> thread
> complaining about this being unclear, so it seems like some
> clarification is needed.
IIUC there is really one use case here, which is for superuser to
define a subscription including the connection, and then change the
owner to a non-superuser to actually run it (without being able to
touch the connection string itself). I'd just document that in its own
section, and mention a few caveats / mistakes to avoid. For instance,
when the superuser is defining the connection, don't forget to set
password_required=false, so that when you reassign to a non-superuser
then the connection doesn't break.
Regards,
Jeff Davis
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Geoghegan | 2023-09-23 03:17:16 | nbtree's ScalarArrayOp array mark/restore code appears to be buggy |
Previous Message | Thomas Munro | 2023-09-23 01:53:47 | Failures on gombessa -- EIO? |