Robert Haas <robertmh...@gmail.com> writes:
> This discussion made me go back and look at the commit in question. My
> opinion is that the feature as it was committed is quite hard to
> understand. The documentation for it said this: "Specifies that
> variable should be set on behalf of ordinary role." But what does that
> even mean? What's an "ordinary role"? What does "on behalf of" mean?
Yeah. And even more to the point: how would the feature interact with
per-user grants of SET privilege? It seems like it would have to ignore
or override that, which is not a conclusion I like at all.
I think that commit a0ffa885e pretty much nailed down the user interface
we want, and what remains is to work out how granting SET privilege
interacts with the time-delayed nature of ALTER USER/DATABASE SET.
But the answer to that does not seem difficult to me: remember who
issued the ALTER and see if they still have SET privilege at the time
we activate a particular entry.
regards, tom lane
