Re: superusers are members of all roles?
| От | Robert Haas |
|---|---|
| Тема | Re: superusers are members of all roles? |
| Дата | |
| Msg-id | CA+TgmobBa+C3cDx1hJ-YbD+jpYb8WEjvg=yE=s7rz3cYOrhy5w@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: superusers are members of all roles? (Stephen Frost <sfrost@snowman.net>) |
| Список | pgsql-hackers |
On Sun, Sep 11, 2011 at 10:32 PM, Stephen Frost <sfrost@snowman.net> wrote: > * Andrew Dunstan (andrew@dunslane.net) wrote: >> > Address problem where superusers are assumed to be members of all groups >> > >> > http://archives.postgresql.org/pgsql-hackers/2011-04/msg00337.php >> >> This turns out to be a one-liner. > > I really don't know that I agree with removing this, to be honest.. I > haven't got time at the moment to really discuss it, but at the very > least, not being able to 'set role' to any user when postgres would be > REALLY annoying.. Sure. But I don't believe anyone has proposed changing that. What we're talking about here is that, for example, setting a reject rule for a certain group in pg_hba.conf will always match superusers, even though they're not in that group. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
В списке pgsql-hackers по дате отправления: