Home > mailing lists

Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers) - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers)
Date	July 27, 2021 18:36:54
Msg-id	304963.1627400214@sss.pgh.pa.us Whole thread Raw
In response to	Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers) (Robert Haas <robertmhaas@gmail.com>)
List	pgsql-hackers

Tree view

Robert Haas <robertmhaas@gmail.com> writes:
> Dang it, yes. The tenant needs to be members of all the other users,
> not the other way around. I spent a long time trying to not get that
> backwards and still did.

The "membership" terminology is inherently confusing I fear.
Maybe better to say that all the roles-to-be-audited must
be GRANTed to the "tenant" role?

            regards, tom lane

pgsql-hackers by date:

From: Andrew Dunstan
Date: 27 July 2021, 18:29:58
Subject: Re: Reduce the number of special cases to build contrib modules on windows

From: ilmari@ilmari.org (Dagfinn Ilmari Mannsåker)
Date: 27 July 2021, 18:52:38
Subject: Re: Reduce the number of special cases to build contrib modules on windows

Re: Delegating superuser tasks to new security roles (Was: Granting control of SUSET gucs to non-superusers) - Mailing list pgsql-hackers

Previous

Next