projects / users / rhaas / postgres.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cf5eb37) | patch
Add new GUC createrole_self_grant.
authorRobert Haas <rhaas@postgresql.org>
Tue, 10 Jan 2023 17:44:49 +0000 (12:44 -0500)
committerRobert Haas <rhaas@postgresql.org>
Tue, 10 Jan 2023 17:44:49 +0000 (12:44 -0500)
commite5b8a4c098ad6add39626a14475148872cd687e0
tree772094cf3bba3340bfa13afee99a30d24430927ctree
parentcf5eb37c5ee0cc54c80d95c1695d7fca1f7c68cbcommit | diff
Add new GUC createrole_self_grant.

Can be set to the empty string, or to either or both of "set" or
"inherit". If set to a non-empty value, a non-superuser who creates
a role (necessarily by relying up the CREATEROLE privilege) will
grant that role back to themselves with the specified options.

This isn't a security feature, because the grant that this feature
triggers can also be performed explicitly. Instead, it's a user experience
feature. A superuser would necessarily inherit the privileges of any
created role and be able to access all such roles via SET ROLE;
with this patch, you can configure createrole_self_grant = 'set, inherit'
to provide a similar experience for a user who has CREATEROLE but not
SUPERUSER.

Discussion: https://postgr.es/m/CA+TgmobN59ct+Emmz6ig1Nua2Q-_o=r6DSD98KfU53kctq_kQw@mail.gmail.com
doc/src/sgml/config.sgml diff | blob | blame | history
doc/src/sgml/ref/create_role.sgml diff | blob | blame | history
doc/src/sgml/ref/createuser.sgml diff | blob | blame | history
src/backend/commands/user.c diff | blob | blame | history
src/backend/utils/misc/guc_tables.c diff | blob | blame | history
src/backend/utils/misc/postgresql.conf.sample diff | blob | blame | history
src/include/commands/user.h diff | blob | blame | history
src/test/regress/expected/create_role.out diff | blob | blame | history
src/test/regress/sql/create_role.sql diff | blob | blame | history
Robert Haas's development tree.