public inbox for [email protected]
From: Nico Williams <[email protected]>
To: Tom Lane <[email protected]>
Cc: Laurenz Albe <[email protected]>
Cc: Calvin Guo <[email protected]>
Cc: [email protected]
Subject: Re: set role command
Date: Mon, 24 Nov 2025 13:27:04 -0600
Message-ID: <aSSxiCArsuPkf/I5@ubby> (raw)
In-Reply-To: <[email protected]>
References: <CA+bysH_or91tt7r0gKLJtw5Wp+DEYwnaRJoTvLfKO33dcdQ_rQ@mail.gmail.com>
<[email protected]>
<[email protected]>
On Mon, Nov 24, 2025 at 11:18:20AM -0500, Tom Lane wrote:
> Laurenz Albe <[email protected]> writes:
> > On Mon, 2025-11-24 at 16:15 +0800, Calvin Guo wrote:
> >> I really feel, once you "set role usera", you should behave like usera, you should
> >> NOT have the power to say: hi, I can assume my super user power whenever I want.
> >> As this makes the "set role usera" pretty much useless.
>
> > I respect your feelings, but that is not how SET ROLE works.
> > The current behavior is intentional and documented in
> > https://www.postgresql.org/docs/current/sql-set-role.html
>
> And it's also required by the SQL standard, which is very clear
> that "user identifier" and "role" are different things, and
> SET ROLE only changes the latter.
>
> > There is SET SESSION AUTHORIZATION, which acts somewhat more like you want,
> > except that you can become a superuser again with RESET SESSION AUTHORIZATION.
>
> In the standard, the privileges required to do SET SESSION
> AUTHORIZATION are "implementation defined", which means we could
> change how it works without breaking standards conformance.
> We'd still be breaking backwards compatibility, though --- for
> instance, pg_dump dumps made with --use-set-session-authorization
> would stop working. I think that a proposal to change this has
> very little chance of succeeding.

Can we have an extension to say PERMANENTLY?

This is the SQL equivalent of `setreuid()`, essentially. Except that
unix has a way to do it permanently. It's a _very_ useful thing to
have.

Nico
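
The behaviour discussed in this thread, as an added example that is not part of the original message or of the PostgreSQL project's own material. It assumes a session authenticated as a superuser and creates the role `usera` (the name used in the thread) only for the demonstration.

```sql
-- Added example. Assumption: the session is logged in as a superuser.
-- usera is the unprivileged role named in the thread; it is created
-- here only so the statements below can be run as-is.
CREATE ROLE usera NOLOGIN;

-- Baseline: both identifiers are the login role.
SELECT session_user, current_user;

-- SET ROLE changes only the current role ("role" in the standard's
-- terms). The session user ("user identifier") is left untouched.
SET ROLE usera;
SELECT session_user, current_user;

-- Any SQL running in this session can undo the switch, which is why
-- SET ROLE on its own does not confine what runs afterwards.
RESET ROLE;
SELECT session_user, current_user;

-- SET SESSION AUTHORIZATION changes both the session user and the
-- current role to usera.
SET SESSION AUTHORIZATION usera;
SELECT session_user, current_user;

-- The server still remembers the authenticated user, so this
-- returns the session to the superuser as well.
RESET SESSION AUTHORIZATION;
SELECT session_user, current_user;

-- Clean up the demonstration role.
DROP ROLE usera;
```

Both RESET forms return to the authenticated user, so the privileges of the role used to log in are what bound the session.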