On Mon, Feb 20, 2023 at 11:02:10AM -0800, Nathan Bossart wrote:
> On Mon, Feb 20, 2023 at 08:54:48AM +0100, Peter Eisentraut wrote:
>> I'm concerned about the loose use of "privilege" here. A privilege is
>> something I can grant. So if someone doesn't have the "REPLICATION
>> privilege", as in the above example, I would expect to be able to do "GRANT
>> REPLICATION TO someuser". Since that is not what is happening, we should
>> use some other term. The documentation around CREATE USER uses the terms
>> "attribute" and "option" (and also "privilege") for these things.
>
> Good point. I will adjust these to use "attribute" instead.
done in v6
>> Similarly -- this is an existing issue but we might as well look at it -- in
>> something like
>>
>> must be superuser or a role with privileges of the
>> pg_write_server_files role
>>
>> the phrase "a role with the privileges of that other role" seems ambiguous.
>> Doesn't it really mean you must be a member of that role?
>
> Membership alone is not sufficient. You must also inherit the privileges
> of the role via the INHERIT option. I thought about making this something
> like
>
> must have the INHERIT option on role %s
>
> but I'm not sure that's accurate either. That wording makes it sound lіke
> you need to be granted membership to the role directly WITH INHERIT OPTION,
> but what you really need is membership, direct or indirect, with an INHERIT
> chain up to the role in question. However, it looks like "must have the
> ADMIN option on role %s" is used to mean something similar, so perhaps I am
> overthinking it.
For now, I've reworded these as "must inherit privileges of".
--
Nathan Bossart
Amazon Web Services: https://aws.amazon.com