Home > mailing lists

[PATCH] remove is_member_of_role() from header, add can_set_role() - Mailing list pgsql-hackers

From	Joshua Brindle
Subject	[PATCH] remove is_member_of_role() from header, add can_set_role()
Date	October 27, 2021 19:26:56
Msg-id	CAGB+Vh4enxvLBM_BJweWEO12Q0ySLMBWK9iOLaM7e=V1Y0YadA@mail.gmail.com Whole thread Raw
Responses	Re: [PATCH] remove is_member_of_role() from header, add can_set_role()
List	pgsql-hackers

Tree view

As a follow-on to Conflation of member/privs for predefined roles,
this removes is_member_of_role from the header to dissuade it's use
for privilege checking. Since SET ROLE must use membership rather than
privileges a new, explicitly named can_set_role() function is
exported.

is_member_of_role_nosuper() still exists for the following purposes:
- membership loop checking in user.c
- membership matching for pg_hba.conf in hba.c

Other uses of is_member_of_role_nosuper() should be avoided.

Attachment

0001-unexport-is_member_of_role-add-can_set_role.patch

pgsql-hackers by date:

From: Bharath Rupireddy
Date: 27 October 2021, 19:26:37
Subject: Isn't it better with "autovacuum worker...." instead of "worker took too long to start; canceled" specific to "auto

From: Jacob Champion
Date: 27 October 2021, 19:49:21
Subject: Re: allowing "map" for password auth methods with clientcert=verify-full

[PATCH] remove is_member_of_role() from header, add can_set_role() - Mailing list pgsql-hackers

Attachment

Previous

Next