Re: [PATCH] Simplify permission checking logic in user.c

> 30 дек. 2020 г., в 20:26, Stephen Frost <sfrost@snowman.net> написал(а):
>
> I'd strongly suggest that, instead, you consider proposing changes which
> would address the actual use cases you have and work with the community
> to have those included in core, which would further have the added
> property that everyone would then benefit from those improvements.
+1. Last time we asked to change something in privileges[0], we got a feedback pointing to possible vulnerability.
We fixed it in our services and reported to, AFAIR, RDS and Aiven (with PoC exploits).

I think that sharing "various small changes to permission checks" is a really good idea.

> 30 дек. 2020 г., в 20:39, Stephen Frost <sfrost@snowman.net> написал(а):
> In other words, I suspect people would be happier if we
> provided a way for non-superusers a way to create replication roles and
> bypassrls roles.
+1 again. I hope we will return to the topic soon.

Best regards, Andrey Borodin.

[0] https://www.postgresql.org/message-id/flat/1269681541151271%40myt5-68ad52a76c91.qloud-c.yandex.net