From: Calvin Guo <[email protected]>
To: [email protected]
Subject: set role command
Date: Mon, 24 Nov 2025 16:15:03 +0800
Message-ID: <CA+bysH_or91tt7r0gKLJtw5Wp+DEYwnaRJoTvLfKO33dcdQ_rQ@mail.gmail.com>

I feel that the set role logic is kind of misleading.
I am a superuser, admin.
I do:
set role usera
Now I am under the security context of usera, so I think running any sql is
safe as long as it's allowed by usera.
Which is not the case!
As usera can do:
set role userb; other sql,
or
reset role; other sql,
It turns out it's not safe at all; the sql can easily get the access rights of
the superuser. It can impersonate userb though they do not have any
relationship whatsoever.
I really feel, once you "set role usera", you should behave like usera; you
should NOT have the power to say: hi, I can assume my superuser power
whenever I want. As this makes the "set role usera" pretty much useless.
It's unsafe!
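
The behaviour described in the message above, as an added SQL example that is not part of the original e-mail: in PostgreSQL, SET ROLE changes current_user but leaves session_user unchanged, and the right to switch roles is checked against the session user. The roles usera and userb are the names from the message; the table admin_only and its row are constructed for the demonstration, which assumes a superuser session in a scratch database.

```sql
-- Constructed demo objects; run as a superuser in a scratch database.
CREATE ROLE usera;   -- no membership in userb, no special privileges
CREATE ROLE userb;
CREATE TABLE admin_only (secret text);   -- owned by the superuser, granted to nobody
INSERT INTO admin_only VALUES ('constructed sample row');

-- Step 1: switch to usera. Privilege checks now use usera, but the
-- session identity is still the superuser who authenticated.
SET ROLE usera;
SELECT session_user, current_user,
       has_table_privilege('admin_only', 'SELECT') AS can_read_admin_only;

-- Step 2: switch to userb from the "usera" state. usera is not a member
-- of userb; the switch is permitted because SET ROLE is authorised
-- against session_user, which is still the superuser.
SET ROLE userb;
SELECT session_user, current_user,
       has_table_privilege('admin_only', 'SELECT') AS can_read_admin_only;

-- Step 3: RESET ROLE returns current_user to the session user, so the
-- superuser's privileges apply again.
RESET ROLE;
SELECT session_user, current_user,
       has_table_privilege('admin_only', 'SELECT') AS can_read_admin_only;

-- Cleanup of the constructed objects.
DROP TABLE admin_only;
DROP ROLE usera, userb;
```

Comparing session_user with current_user at each step shows which identity the role-switching check is made against.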