Richard Huxton <dev@archonet.com> writes:
> Zlatko Mati� wrote:
>> I was thinking about two possible scenarios: a) to allow regular users
>> to create new users b) to restrict superuser's permissions
>>
>> What is possible and what do you suggest ?
> Neither is possible directly. (B) means they're not a superuser and (A)
> means they are.
There has been some talk of separating the power to create new users
from the power of being superuser (although presumably only a superuser
should be allowed to create new superusers). If the planned pg_role
rewrite gets submitted before the 8.1 feature freeze, I might look at
adding that frammish into it.
regards, tom lane