Home > mailing lists

[Doc Patch] Clarify that CREATEROLE roles can GRANT default roles - Mailing list pgsql-hackers

From	Michael Banck
Subject	[Doc Patch] Clarify that CREATEROLE roles can GRANT default roles
Date	November 28, 2020 01:49:59
Msg-id	2160a5071a7bb5339055b04a8cad81a822be9d8d.camel@credativ.de Whole thread Raw
Responses	Re: [Doc Patch] Clarify that CREATEROLE roles can GRANT default roles (Masahiko Sawada <sawada.mshk@gmail.com>)
List	pgsql-hackers

Tree view

Hi,

https://www.postgresql.org/docs/current/default-roles.html mentions the
"Administrator" several times, but does not specify it further. I
understand that it is mentioned elsewhere [1], but I think it would be
beneficial to remind the reader on that page at least once that
"Administrators" includes "roles with the CREATEROLE privilege" in the
context of GRANTing and REVOKEing default privileges, e.g. with the
attached patch.


Michael

[1] e.g. at https://www.postgresql.org/docs/current/sql-createrole.html
it is mentioned that CREATEROLE privs can be regarded as "almost-superuser-roles"

-- 
Michael Banck
Projektleiter / Senior Berater
Tel.: +49 2166 9901-171
Fax:  +49 2166 9901-100
Email: michael.banck@credativ.de

credativ GmbH, HRB Mönchengladbach 12080
USt-ID-Nummer: DE204566209
Trompeterallee 108, 41189 Mönchengladbach
Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer

Unser Umgang mit personenbezogenen Daten unterliegt
folgenden Bestimmungen: https://www.credativ.de/datenschutz

Attachment

default-roles-createrole.patch

pgsql-hackers by date:

From: Stephen Frost
Date: 28 November 2020, 01:01:36
Subject: Re: Log message for GSS connection is missing once connection authorization is successful.

From: Tom Lane
Date: 28 November 2020, 02:45:57
Subject: Re: Improving spin-lock implementation on ARM.

[Doc Patch] Clarify that CREATEROLE roles can GRANT default roles - Mailing list pgsql-hackers

Attachment

Previous

Next