> On Mar 25, 2024, at 07:20, Daniel Gustafsson <daniel@xxxxxxxx> wrote: > >> On 25 Mar 2024, at 15:09, Tom Lane <tgl@xxxxxxxxxxxxx> wrote: > >> My initial reaction is that we should warn only when the command >> is a complete no-op, that is none of the mentioned privileges >> matched. > > That's my gut reaction too, I think that's fine. The all-singing-all-dancing solution would be to warn if the role retains any of the mentioned privileges for some other reason, as in: WARNING: role "lowpriv" still has EXECUTE permission on "f()" via a grant to role "PUBLIC" by role "owner" ... but I suspect the implementation complexity there isn't trivial.
