• Tom Lane's avatar
    Enforce superuser permissions checks during ALTER ROLE/DATABASE SET, rather · a6dcd19a
    Tom Lane authored
    than during define_custom_variable().  This entails rejecting an ALTER
    command if the target variable doesn't have a known (non-placeholder)
    definition, unless the calling user is superuser.  When the variable *is*
    known, we can correctly apply the rule that only superusers can issue ALTER
    for SUSET parameters.  This allows define_custom_variable to apply ALTER's
    values for SUSET parameters at module load time, secure in the knowledge
    that only a superuser could have set the ALTER value.  This change fixes a
    longstanding gotcha in the usage of SUSET-level custom parameters; which
    is a good thing to fix now that plpgsql defines such a parameter.
    a6dcd19a
alter_role.sgml 10.6 KB