Re: Preventing non-superusers from altering session authorization

From: Joseph Koshakow
Subject: Re: Preventing non-superusers from altering session authorization
Date:
Msg-id CAAvxfHfq8Dgn1jBR2w+mLBUaPFvDvjavoRkzKBz0ZtJktGFS5A@mail.gmail.com
In response to: Re: Preventing non-superusers from altering session authorization  (Joseph Koshakow <koshy44@gmail.com>)
Responses: Re: Preventing non-superusers from altering session authorization  (Nathan Bossart <nathandbossart@gmail.com>)
List: pgsql-hackers
On Sun, Jul 9, 2023 at 1:03 PM Joseph Koshakow <koshy44@gmail.com> wrote:

>> * Only a superuser may set auth ID to something other than himself

> Is "auth ID" the right term here? Maybe something like "Only a
> superuser may set their session authorization/ID to something other
> than their authenticated ID."

>>   But we set the GUC variable
>> * is_superuser to indicate whether the *current* session userid is a
>> * superuser.

> Just a small correction here, I believe the is_superuser GUC is meant
> to indicate whether the current user id is a superuser, not the current
> session user id. We only update is_superuser in SetSessionAuthorization
> because we are also updating the current user id in SetSessionUserId.

I just realized that you moved this comment from
SetSessionAuthorization. I think we should leave the part about setting
the GUC variable is_superuser on top of SetSessionAuthorization since
that's where we actually set the GUC.

Thanks,
Joe Koshakow
