Laurenz Albe <laurenz.albe@cybertec.at> writes:
> This is a script to reproduce the problem:
As commented in 73c9f91a1,
This all seems very accidental and probably not the behavior we really
want, but a security patch is no time to be redesigning things.
Perhaps this thread is a good place to start the discussion.
In the security-team discussion that led up to 73c9f91a1, I'd been
wondering why parallel worker start enforces any connection
restrictions at all. If we'd like the use of parallelism to be
more-or-less transparent, we shouldn't apply these checks,
and not the !am_superuser ones in InitPostgres either. If we do
want to apply permissions checks in parallel worker start, why
should we think that the failure in this example is wrong?
regards, tom lane
