Re: Irreversible SET ROLE - Mailing list pgsql-general

From Bryn Jeffries
Subject Re: Irreversible SET ROLE
Date
Msg-id 7DAF466372B27747B8EA808BE5651FA561BB2594@ex-mbx-pro-01
Whole thread Raw
In response to Re: Irreversible SET ROLE  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: Irreversible SET ROLE
List pgsql-general
Tom Lane wrote
>> I have a question about preventing SET ROLE from being reset within a session.
>
> You can't; per SQL standard, SET ROLE NONE is supposed to do exactly that.
>
> I think you might be able to do something with invoking untrusted code
> inside a SECURITY DEFINER function.  That context disables both SET ROLE
> and SET SESSION AUTHORIZATION.  I would not want to bet a lot on that
> being bulletproof, however.

Me neither. But out of interest, do you know what the intent was for the SESSION and LOCAL modifiers for SET ROLE?
Both seem to do nothing more than regular SET ROLE, but are PostgreSQL extensions.

pgsql-general by date:

Previous
From: David G Johnston
Date:
Subject: Re: Merge rows based on Levenshtein distance
Next
From: Bryn Jeffries
Date:
Subject: Re: Irreversible SET ROLE