> One of the interesting behaviors (or perhaps not) is how > 'pg_class_aclmask' handles an invalid role id when checking permissions > against 'rolsuper' instead of 'rolcatupdate'.
I'd get rid of that whole check, not just replace rolcatupdate by rolsuper.
Ah yes, that's a good point. I have updated and attached a new version of the patch.