Home > mailing lists

Non-superuser event trigger owners - Mailing list pgsql-hackers

From	Mark Dilger
Subject	Non-superuser event trigger owners
Date	October 20, 2021 21:40:32
Msg-id	914FF898-5AC4-4E02-8A05-3876087007FB@enterprisedb.com Whole thread Raw
Responses	Re: Non-superuser event trigger owners (Mark Dilger <mark.dilger@enterprisedb.com>)
List	pgsql-hackers

Tree view

These patches have been split off the now deprecated monolithic "Delegating superuser tasks to new security roles"
threadat [1]. 

The purpose of these patches is to allow ordinary users to create and own event triggers without introducing escalation
attackvectors: 



[1] https://www.postgresql.org/message-id/flat/F9408A5A-B20B-42D2-9E7F-49CD3D1547BC%40enterprisedb.com
—
Mark Dilger
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Attachment

pgsql-hackers by date:

From: Mark Dilger
Date: 20 October 2021, 21:40:10
Subject: New privileged roles which can SET and ALTER SYSTEM SET

From: Mark Dilger
Date: 20 October 2021, 21:40:35
Subject: CREATEROLE and role ownership hierarchies

Non-superuser event trigger owners - Mailing list pgsql-hackers

Attachment

Previous

Next