Subject: Re: set role command
From: rob stone
To: Calvin Guo, pgsql-general@lists.postgresql.org
Date: Mon, 24 Nov 2025 23:06:20 +1100

On Mon, 2025-11-24 at 16:15 +0800, Calvin Guo wrote:
> I feel that set role logic is kind of misleading.
>
> I am a superuser, admin,
> I do:
> set role usera
> Now I am under the security context of usera, so I think running any
> sql is safe as long as it's allowed by usera.
>
> Which is not the case!
> as usera can do:
> set role userb; other sql,
> or
> reset role; other sql,
> it turns out it's not safe at all, the sql can easily get access
> right of the super user. it can impersonate userb though they do not
> have any relationship whatsoever.
>
> I really feel, once you "set role usera", you should behave like
> usera, you should NOT have the power to say: hi, I can assume my super
> user power whenever I want. As this makes the "set role usera" pretty
> much useless.
>
> It's unsafe!

Hello,

Firstly you have to create a role usera and in doing so give it the
privileges you want usera to have.
You can also restrict its privileges by specifying the NO* range of
options.

So, if you are logged in as userb, say, doing "set role usera" simply
switches you out of userb into usera, and you behave as usera in that
session.

HTH,
Rob
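
The behaviour discussed in this thread, as an added psql script that is not part of either message: it contrasts a superuser session that runs SET ROLE with a session that connects as a restricted login role. Assumptions: a scratch cluster, a superuser connection to start with, pg_hba.conf allowing the reconnect, and the role name app_login, which is hypothetical.

```sql
-- Constructed scratch roles; run in psql as a superuser on a test cluster.
CREATE ROLE usera NOLOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;
CREATE ROLE userb NOLOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;
-- app_login is a hypothetical restricted login role, member of usera only.
CREATE ROLE app_login LOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;
GRANT usera TO app_login;

-- Case 1: superuser session.
-- SET ROLE changes current_user only. session_user stays the superuser,
-- and SET ROLE / RESET ROLE are checked against the session user.
SET ROLE usera;
SELECT session_user, current_user;  -- session_user is still the superuser
SET ROLE userb;                     -- succeeds: session user is a superuser
RESET ROLE;                         -- current_user is the superuser again

-- Case 2: the session user itself is restricted.
-- Reconnect as app_login (assumes authentication for it is configured).
\connect - app_login
SET ROLE usera;                     -- allowed: app_login is a member of usera
SET ROLE userb;                     -- ERROR: permission denied to set role "userb"
RESET ROLE;                         -- falls back to app_login, not a superuser
SELECT session_user, current_user;  -- app_login | app_login

-- Check: every role app_login is a member of, directly or indirectly.
-- These are the candidates for SET ROLE from an app_login session.
SELECT rolname
FROM pg_roles
WHERE pg_has_role('app_login', oid, 'MEMBER')
ORDER BY rolname;

-- Check: login roles that carry superuser rights. Any SQL run in a
-- session opened by one of these can return to them with RESET ROLE.
SELECT rolname
FROM pg_roles
WHERE rolsuper AND rolcanlogin
ORDER BY rolname;
```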