Postgres Pro
Downloads
Home   >   mailing lists

BUG #18934: Even with WITH ADMIN OPTION, I Cannot Manage Role Memberships - Mailing list pgsql-bugs

From PG Bug reporting form
Subject BUG #18934: Even with WITH ADMIN OPTION, I Cannot Manage Role Memberships
Date
Msg-id 18934-67d2e90068801d2b@postgresql.org
Whole thread Raw
Responses Re: BUG #18934: Even with WITH ADMIN OPTION, I Cannot Manage Role Memberships
List pgsql-bugs
Tree view 
The following bug has been logged on the website:

Bug reference:      18934
Logged by:          Luis Couto
Email address:      snaperling@gmail.com
PostgreSQL version: 16.8
Operating system:   Windows 10
Description:

In PostgreSQL, I have a role hierarchy involving a user and two group roles:
Roles:
    tester1@something — a user role (not superuser)
    user_manager — an intermediate group role
    user_group — the target group role whose membership I want to manage
| Role                             | Member Of            | `WITH ADMIN
OPTION` |
| `tester1@something`   | `user_manager`    | YES
|
| `user_manager`           | `user_group`         | YES
|
In this configuration:
    tester1@something should be able to add/remove members from user_group.
    But it cannot — GRANT or REVOKE on user_group fails.
    Even though tester1@something has full admin rights on user_manager, and
user_manager has admin rights on user_group.
Role Setup (After Manual Fix)
When I run:
REVOKE ADMIN OPTION FOR user_group FROM user_manager;
So that now:
Role                             Member Of      WITH ADMIN OPTION
tester1@something       user_manager           YES
user_manager            user_group                 NO
Now, unexpectedly:
    tester1@something can add and remove members from user_group.
    Even though no role in the chain has WITH ADMIN OPTION on user_group.
Summary of the Two Issues
1. Main Issue (Unexpected Restriction):
    When user_manager has WITH ADMIN OPTION on user_group, and I (as
tester1@something) have WITH ADMIN OPTION on user_manager, I cannot manage
user_group.
This is confusing — PostgreSQL should allow it, as both admin links are
present. (maybe I'm getting something wrong)
2. Secondary Issue (Unexpected Permission Grant):
    If I revoke admin option from user_manager on user_group, suddenly I can
manage user_group from tester1@something.
This contradicts the documented need for WITH ADMIN OPTION and appears to
expose a privilege inconsistency or escalation.
What could be happening?
Thank you in advance,
Luis Couto

pgsql-bugs by date:

Previous
From: Ge Yuxiang
Date:
Subject: Ge Yuxiang added you to the postgresql group
Next
From: PG Bug reporting form
Date:
Subject: BUG #18935: The optimiser's choice of sort doubles the execution time.