Hi!
> These are basically that the truncate, insert, delete and insert
> rights for the role creating the subscription. Why would we actually
> need that?
It's for security reasons. Because possible to attack target server. If publication have system tables for instance
pg_authid
> pg_subscription_users and these should be able to dump subscriptions,
> so you have at least one problem.
But in system_views.sql we give grant on subconninfo column and pg_dump required superuser privilege only for postgesql
under12 version. Old version pg_dump still works but require superuser for dump subscription.
--------
Efimkin Evgeny