Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mnezl-0000sH-Dl for pgsql-hackers@arkaria.postgresql.org; Thu, 18 Nov 2021 10:50:21 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1mnezj-0004vD-Pv for pgsql-hackers@arkaria.postgresql.org; Thu, 18 Nov 2021 10:50:19 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mnezj-0004v3-EA for pgsql-hackers@lists.postgresql.org; Thu, 18 Nov 2021 10:50:19 +0000 Received: from mail-yb1-xb33.google.com ([2607:f8b0:4864:20::b33]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1mnezc-0004xe-Up for pgsql-hackers@postgresql.org; Thu, 18 Nov 2021 10:50:18 +0000 Received: by mail-yb1-xb33.google.com with SMTP id i194so16679013yba.6 for ; Thu, 18 Nov 2021 02:50:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=7Q199kgLUiWOMMMeKEsnAOWcorvZsd1/HHIjbiXmlQ0=; b=ZwA0yy30Ug9N4/BZdMZqr/XYSsifyEklQqPXxf2OzHpymshOjYPSu4IZBqg5GeeT0L y3sSpLipclCka515D/TM/KBwZGj4OFgvEyyUnJhqg9jh1NpFfLtSe+8oV6Ie+Nr7wPxg U0cvZuxU1S6YzppATuJ4B3ctWnMdw4Hs2yJoAcS1JaGfKXfmwSOSzj6Qct+NJASCKUeP uVIjitIKWTtJ6MPJAR/eyVLBYBPFkARPsjttT1KZWp39d8Ohsa1jKarKHROSO1+u0Z9m v5ynr1FJnRX2WpZPNRU4iz4Hf5hBhi1uHA20wdqY9SpaDVph8RbPffmB3mCPtBJQqwr4 5w/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=7Q199kgLUiWOMMMeKEsnAOWcorvZsd1/HHIjbiXmlQ0=; b=eom1t8RqueR68/oDy+IHXiRa0z2ciCJ2N7RP6EN4HyhaNsB2TRETYziT63OSTqI+Ok gEdnWl2ckwo411YINyTO8yK15ocl4z1was5KTnJ6No2riMNy8O3IsBdVB45C5mRL+gJc tiaVGr2ZxpHEY9kvKRvVquChkdFsTbOS8AVmEqyRry/L0QvK/+xd7QHN1A4sBL8gaP8r O4y9GRAj36trsTF99/MNpxKnGRtFxvjl7BJ5yKjX9c8z+WkZKo6NhMAeviO7Untv6PU+ D5/G4qhQpPfYrRckfoTuYZQaEYZV6xsIfaOi4lDRzLq5rkDR0hL+lrs+SvGUqsJgHGlE TwiQ== X-Gm-Message-State: AOAM533bMiO1RFmdkMw9j5CYinHv3pDnxsVL7Qqq9JsVce0eKel6Zy1V mHoknGW5A0Qm6Rq16zDbWFCtiX8gF5um6AAZ88c= X-Google-Smtp-Source: ABdhPJxjrANDEeFf2dAUHR+kiJLdyq0OyS2cbA1CUqEi2OqgmcI6hSfeZQewwD2xqWJI7ZcN4yXg6g8R7VMA3+rz2l4= X-Received: by 2002:a5b:502:: with SMTP id o2mr24322194ybp.452.1637232611624; Thu, 18 Nov 2021 02:50:11 -0800 (PST) MIME-Version: 1.0 References: <9DFC88D3-1300-4DE8-ACBC-4CEF84399A53@enterprisedb.com> <6BB4451E-7B1B-474C-BD1F-DB7531E720C6@enterprisedb.com> <6A2B0FF6-CC86-48CE-B0D3-5401AA5CFEA9@enterprisedb.com> In-Reply-To: From: Amit Kapila Date: Thu, 18 Nov 2021 16:20:01 +0530 Message-ID: Subject: Re: Non-superuser subscription owners To: Mark Dilger Cc: Jeff Davis , Andrew Dunstan , PostgreSQL-development , Robert Haas Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Wed, Nov 17, 2021 at 11:56 PM Mark Dilger wrote: > > > On Nov 17, 2021, at 9:33 AM, Jeff Davis wrote: > > > > > This would not address the weirdness of the existing code where a > > superuser loses their superuser privileges but still owns a > > subscription. But perhaps we can solve that a different way, like just > > performing a check when someone loses their superuser privileges that > > they don't own any subscriptions. > > I gave that a slight amount of thought during the design of this patch, b= ut didn't think we could refuse to revoke superuser on such a basis, and di= dn't see what we should do with the subscription other than have it continu= e to be owned by the recently-non-superuser. If you have a better idea, we= can discuss it, but to some degree I think that is also orthogonal to the = purpose of this patch. The only sense in which this patch depends on that = issue is that this patch proposes that non-superuser subscription owners ar= e already an issue, and therefore that this patch isn't creating a new issu= e, but rather making more sane something that already can happen. > Don't we want to close this gap irrespective of the other part of the feature? I mean if we take out the part of your 0003 patch that checks whether the current user has permission to perform a particular operation on the target table then the gap related to the owner losing superuser privileges should be addressed. --=20 With Regards, Amit Kapila.