Search Postgresql Archives

Re: Can db user change own password?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/21/21 10:51, Tom Lane wrote:
Toomas <toomas.kristin@xxxxxxxxx> writes:
2) db=> select current_user, session_user;
  current_user | session_user
--------------+--------------
  db_owner      | db_user
(1 row)

Given that setup, I wonder which role you expected \password to change.

If we target the current_user, we can expect the command to succeed.
I'm just wondering if people will find that surprising.
Targeting the session_user might be less surprising (or not?)
but as this example shows, it can fail.

Well from here:

https://www.postgresql.org/docs/current/sql-set-session-authorization.html

'The current user identifier is relevant for permission checking.'

To me current_user would be the less surprising choice.


One thing that would help, regardless of which definition we think
is most appropriate, is to have \password explicitly say which role
it's intending to set the password for:

db=> \password
Enter new password for role "dbowner":
Enter it again:

Yes, that would be helpful in untangling who you are actually pointing at.


			regards, tom lane



--
Adrian Klaver
adrian.klaver@xxxxxxxxxxx





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux