Home > mailing lists

Re: User with BYPASSRLS privilege can't change password - Mailing list pgsql-bugs

From	Tom Lane
Subject	Re: User with BYPASSRLS privilege can't change password
Date	November 3, 2020 21:19:01
Msg-id	958492.1604427541@sss.pgh.pa.us Whole thread Raw
In response to	Re: User with BYPASSRLS privilege can't change password (Wolfgang Walther <walther@technowledgy.de>)
Responses	Re: User with BYPASSRLS privilege can't change password
List	pgsql-bugs

Tree view

Wolfgang Walther <walther@technowledgy.de> writes:
> This is because the "must be superuser to alter replication users" 
> condition only triggers when the altered role already has isrepliaction, 
> so isreplication could very well be >= 0 here.

How do you figure that?  This is in an "else" path after

    else if (authform->rolreplication || isreplication >= 0)

so AFAICS it's impossible to get there.  If it isn't impossible,
we have a much bigger hole with respect to issuper.

            regards, tom lane

pgsql-bugs by date:

From: Tom Lane
Date: 03 November 2020, 21:17:23
Subject: Re: User with BYPASSRLS privilege can't change password

From: Wolfgang Walther
Date: 03 November 2020, 21:26:13
Subject: Re: User with BYPASSRLS privilege can't change password

Re: User with BYPASSRLS privilege can't change password - Mailing list pgsql-bugs

Previous

Next