Noah Misch <noah@leadboat.com> writes:
> Let's look at the behavior of DDL-exposed access constraints for precedent. We
> currently have three paradigms for applying access control to superusers:
> 1. Settings that affect superusers and regular users identically. These include
> ALTER ROLE ... LOGIN | VALID UNTIL.
> 2. Rights that superusers possess implicitly and irrevocably; the actual setting
> recorded in pg_authid or elsewhere has no effect. These include GRANT ... ON
> TABLE and ALTER ROLE ... CREATEDB | CREATEROLE.
> 3. ALTER ROLE ... REPLICATION is very similar to #1, except that CREATE ROLE
> ... SUPERUSER implies CREATE ROLE ... SUPERUSER REPLICATION.
> I think we should merge #3 into #2; nothing about the REPLICATION setting
> justifies a distinct paradigm.
Yeah, there's much to be said for that. I thought the notion of a
privilege that superusers might not have was pretty bogus to start with.
rolcatupdate isn't a very good precedent to rely on because it's never
been documented or used to any noticeable extent, so there's no reason
to think that it provides a tested-and-accepted behavior.
regards, tom lane