> On Mar 28, 2017, at 9:55 AM, Robert Haas <robertmhaas@gmail.com> wrote:
>
> On Tue, Mar 28, 2017 at 12:47 PM, Dave Page <dpage@pgadmin.org> wrote:
>>> I don't see any precedent in the code for having a hardcoded role, other than
>>> superuser, and allowing privileges based on a hardcoded test for membership
>>> in that role. I'm struggling to think of all the security implications of that.
>>
>> This would be the first.
>
> Isn't pg_signal_backend an existing precedent?
Sorry, I meant to say that there is no precedent for allowing access to data based
on a hardcoded test for membership in a role other than superuser. All the
locations that use pg_signal_backend are checking for something other than
data access privileges. That distinction was clear to me in the context of what I
was saying, but I obviously didn't phrase it right in my email.
mark
