The following documentation comment has been logged on the website:
Page: https://www.postgresql.org/docs/11/role-attributes.html
Description:
The reference for `CREATE ROLE` has the following text in the `NOTES`
section regarding the `CREATEROLE` privilege:
>Be careful with the CREATEROLE privilege. There is no concept of
inheritance for the privileges of a CREATEROLE-role. That means that even
if a role does not have a certain privilege but is allowed to create other
roles, it can easily create another role with different privileges than
its own (except for creating roles with superuser privileges). For
example,
if the role “user” has the CREATEROLE privilege but not the CREATEDB
privilege, nonetheless it can create a new role with the CREATEDB
privilege. Therefore, regard roles that have the CREATEROLE privilege as
almost-superuser-roles.
Something like that is should be also on this page in the `role creation`
section.