Home > mailing lists

Non-superuser subscription owners - Mailing list pgsql-hackers

From	Mark Dilger
Subject	Non-superuser subscription owners
Date	October 20, 2021 21:40:39
Msg-id	9DFC88D3-1300-4DE8-ACBC-4CEF84399A53@enterprisedb.com Whole thread Raw
Responses	Re: Non-superuser subscription owners (Ronan Dunklau <ronan.dunklau@aiven.io>) Re: Non-superuser subscription owners (Andrew Dunstan <andrew@dunslane.net>)
List	pgsql-hackers

Tree view

These patches have been split off the now deprecated monolithic "Delegating superuser tasks to new security roles"
threadat [1]. 

The purpose of these patches is to allow non-superuser subscription owners without risk of them overwriting tables they
lackprivilege to write directly. This both allows subscriptions to be managed by non-superusers, and protects servers
withsubscriptions from malicious activity on the publisher side. 



[1] https://www.postgresql.org/message-id/flat/F9408A5A-B20B-42D2-9E7F-49CD3D1547BC%40enterprisedb.com
—
Mark Dilger
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Attachment

pgsql-hackers by date:

From: Mark Dilger
Date: 20 October 2021, 21:40:35
Subject: CREATEROLE and role ownership hierarchies

From: Tomas Vondra
Date: 20 October 2021, 21:40:56
Subject: Re: [RFC] speed up count(*)

Non-superuser subscription owners - Mailing list pgsql-hackers

Attachment

Previous

Next