On 10/21/2015 09:42 AM, justin.catterson@sofiebio.com wrote:
> The following bug has been logged on the website:
>=20
> Bug reference: 13694
> Logged by: Justin Catterson
> Email address: justin.catterson@sofiebio.com
> PostgreSQL version: 9.5beta1
> Operating system: Ubuntu 14.10 x64
> Description: =20
>=20
> Users with the CREATEUSER permission do not evaluate Row Level Security=
> functions. pg_user usebypassrls is set to false.
Not a bug. See
http://www.postgresql.org/docs/9.5/static/sql-createrole.html
"CREATEUSER
NOCREATEUSER
These clauses are an obsolete, but still accepted, spelling of
SUPERUSER and NOSUPERUSER. Note that they are not equivalent to
CREATEROLE as one might naively expect!"
And:
http://www.postgresql.org/docs/9.5/static/ddl-rowsecurity.html
"Table owners, superusers, and roles with the BYPASSRLS attribute bypass
the row security system when querying a table."
HTH,
Joe
--=20
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development