Re: Orphaned users in PG16 and above can only be managed by Superusers
От | Nathan Bossart |
---|---|
Тема | Re: Orphaned users in PG16 and above can only be managed by Superusers |
Дата | |
Msg-id | Z8iweEK1PZolUIt6@nathan обсуждение исходный текст |
Ответ на | Re: Orphaned users in PG16 and above can only be managed by Superusers (Robert Haas <robertmhaas@gmail.com>) |
Ответы |
Re: Orphaned users in PG16 and above can only be managed by Superusers
Re: Orphaned users in PG16 and above can only be managed by Superusers |
Список | pgsql-hackers |
On Tue, Feb 18, 2025 at 02:54:46PM +0530, Ashutosh Sharma wrote: > Attached is a patch that checks for role dependencies when the DROP > ROLE command is executed. If dependencies are found, the command is > prevented from succeeding. Please review the attached patch and share > your feedback. thanks.! Thanks for the patch. I have two questions: * The patch alleges to only block DROP ROLE commands when there exists _both_ admins of the target role and roles for which the target role is an admin. However, it's not clear to me why both need to be true. I might be able to glean the reason if I read this thread carefully or spend more time thinking about it, but IMHO that patch itself should make it obvious. I'd suggest expanding the comment atop check_drop_role_dependency(). * Does this introduce any race conditions? For example, is it possible for the new check to pass and then for a dependency to be added before the drop completes? -- nathan
В списке pgsql-hackers по дате отправления: