On Wed, Apr 19, 2023 at 2:19 PM Bryn Llewellyn <bryn@xxxxxxxxxxxx> wrote:
This tip
«
It is good practice to create a role that has the CREATEDB and CREATEROLE privileges, but is not a superuser, and then use this role for all routine management of databases and roles. This approach avoids the dangers of operating as a superuser for tasks that do not really require it.
»
used to be found in all versions of the PG doc
What was the rationale for removing it? The practice recommendation makes sense to me. And I've implemented a scheme for database and role provisioning that uses just such a non-superuser with CREATEDB and CREATEROLE. I'm pleased with it.
It was removed in this commit: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=1c77873727dfd2e48ab2ece84d1fb1676e95f9a5
According to the commit comment, there's little security advantage to using a role with CREATEDB and CREATEROLE privileges.
