Home > mailing lists

CREATEROLE and role ownership hierarchies - Mailing list pgsql-hackers

From	Mark Dilger
Subject	CREATEROLE and role ownership hierarchies
Date	October 20, 2021 21:40:35
Msg-id	D9065DFB-56DB-4E89-A73E-DB8CC2C746C6@enterprisedb.com Whole thread Raw
Responses	Re: CREATEROLE and role ownership hierarchies
List	pgsql-hackers

Tree view

These patches have been split off the now deprecated monolithic "Delegating superuser tasks to new security roles"
threadat [1]. 

The purpose of these patches is to fix the CREATEROLE escalation attack vector misfeature.  (Not everyone will see
CREATEROLEthat way, but the perceived value of the patch set likely depends on how much you see CREATEROLE in that
light.)



[1] https://www.postgresql.org/message-id/flat/F9408A5A-B20B-42D2-9E7F-49CD3D1547BC%40enterprisedb.com
—
Mark Dilger
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Attachment

pgsql-hackers by date:

From: Mark Dilger
Date: 20 October 2021, 21:40:32
Subject: Non-superuser event trigger owners

From: Mark Dilger
Date: 20 October 2021, 21:40:39
Subject: Non-superuser subscription owners

CREATEROLE and role ownership hierarchies - Mailing list pgsql-hackers

Attachment

Previous

Next