Subject: Re: Role membership and DROP
From: Laurenz Albe
To: Tom Lane
Cc: pgsql-hackers@postgresql.org, pgsql-docs@lists.postgresql.org
Date: Fri, 15 Nov 2019 10:32:11 +0100

On Wed, 2019-11-13 at 17:17 -0500, Tom Lane wrote:
> Laurenz Albe writes:
> > I realized only today that if role A is a member of role B,
> > A can ALTER and DROP objects owned by B.
> > I don't have a problem with that, but the documentation seems to
> > suggest otherwise.  For example, for DROP TABLE:
> > Only the table owner, the schema owner, and superuser can drop a table.
>
> Generally, if you are a member of a role, that means you are the role for
> privilege-test purposes.  I'm not on board with adding "(or a member of
> that role)" to every place it could conceivably be added; I think that
> would be more annoying than helpful.
>
> It might be worth clarifying this point in section 5.7,
>
> https://www.postgresql.org/docs/devel/ddl-priv.html
>
> but let's not duplicate that in every ref/ page.

That's much better.  I have attached a proposed patch.

Yours,
Laurenz Albe

[Attachment: 0001-Document-that-the-right-to-ALTER-or-DROP-can-be-inhe.patch]
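
The behaviour discussed in this thread, as an added example that is not part of the original message or the attached patch. It assumes a superuser session in a scratch database; all role and table names are constructed. The audit query uses pg_has_role(..., 'USAGE') to list non-owner roles that hold the owner's rights through inherited membership.

```sql
-- Added illustration; app_owner, alice, bob and demo_items are hypothetical names.
-- Everything runs inside one transaction and is rolled back at the end.
BEGIN;

CREATE ROLE app_owner NOLOGIN;
CREATE ROLE alice NOLOGIN INHERIT;    -- INHERIT is the default, spelled out here
CREATE ROLE bob   NOLOGIN NOINHERIT;  -- member that must SET ROLE to use the rights
GRANT app_owner TO alice, bob;

CREATE TABLE demo_items (id int);
ALTER TABLE demo_items OWNER TO app_owner;

-- Audit: roles other than the owner (and other than superusers) that
-- currently have the owner's privileges on the table via membership.
-- 'USAGE' tests privileges available without SET ROLE, i.e. inherited ones;
-- 'MEMBER' would also count roles that first have to SET ROLE.
SELECT c.oid::regclass AS table_name,
       o.rolname       AS owner,
       m.rolname       AS holds_owner_rights
FROM pg_class c
JOIN pg_roles o ON o.oid = c.relowner
JOIN pg_roles m ON m.oid <> o.oid
               AND NOT m.rolsuper
               AND pg_has_role(m.oid, o.oid, 'USAGE')
WHERE c.relkind = 'r'
  AND c.relname = 'demo_items'
ORDER BY table_name, holds_owner_rights;

-- The case from the thread: a member of the owning role, not the owner
-- itself, issues the DROP.
SET LOCAL ROLE alice;
DROP TABLE demo_items;

ROLLBACK;
```

Dropping the `c.relname` filter turns the query into a database-wide review of who can ALTER or DROP tables through role membership.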