On 02/14/20 18:43, Tom Lane wrote:
> I suppose it could be argued that that's a bug in the interpretation
> of role membership: arguably, if you're a member of some superuser
> role, that ought to give you membership in anything else. IOW, a
> superuser's implicit membership in every role isn't transitive,
> and maybe it should be. But I'm not sure that I want to change that;
> it feels like doing so might have surprising side-effects.
I have a tendency to create roles like postgres_assumable or
dba_assumable, which are themselves members of the indicated
roles, but without rolinherit, and then grant those to my own
role. That way in my day to day faffing about, I don't get to
make superuser-powered mistakes, but I can 'set role postgres'
when needed.
Would it make sense for a proposed transitive superuser-membership-
in-everything also to stop at a role without rolinherit? Clearly
it would just add one extra step to 'set role anybody', but sometimes
one extra step inspires a useful extra moment of thought.
Regards,
-Chap