On Wednesday, April 19, 2023, Bryn Llewellyn <b...@yugabyte.com> wrote: > > > had a reference to an email thread on the pgsql-hackers with subject > "fixing CREATEROLE". It was started by Robert Haas and it begins thus: > > > https://www.postgresql.org/message-id/CA%2BTgmobGds7oefDjZUY%2Bk_ > J7p1sS%3DpTq3sZ060qdb%3DoKei1Dkw%40mail.gmail.com > > > > The CREATEROLE permission is in a very bad spot right now. The biggest > problem that I know about is that it allows you to trivially access the OS > user account under which PostgreSQL is running, which is expected behavior > for a superuser but simply wrong behavior for any other user. This is > because CREATEROLE conveys powerful capabilities not only to create roles > but also to manipulate them in various ways, including granting any > non-superuser role in the system to any new or existing user, including > themselves. > > > The thread goes on forever. And it branches too. It's talking about > possibly patching the code—precisely to bring about a change in behavior. > And I'm asking if the fix(es) under discussion would change the behavior of > the code that I showed. >
Yes, the behavior change is part of the unreleased v16. We don’t make non-bug changes to released versions. David J.
