"David G. Johnston" <david.g.johnston@xxxxxxxxx> writes: > On Mon, Jul 8, 2024 at 2:16 PM Tom Lane <tgl@xxxxxxxxxxxxx> wrote: >> Pavel Luzanov <p.luzanov@xxxxxxxxxxxxxx> writes: > On 08.07.2024 22:22, Christophe Pettus wrote: >>>> This is more curiosity than anything else. In the v16 role system, is >>>> there actually any reason to grant membership in a role to a different >>>> role, but with SET FALSE, INHERIT FALSE, and ADMIN FALSE? Does the role >>>> granted membership gain any ability it didn't have before in that case? >>> Looks like there is one ability. >>> Authentication in pg_hba.conf "USER" field via +role syntax. >> Hmm, if that check doesn't require INHERIT TRUE I'd say it's >> a bug. > The code doesn't support that claim. That doesn't make it not a bug. Robert, what do you think? If this is correct behavior, why is it correct? regards, tom lane
