Tom Lane a6dcd19a2a Enforce superuser permissions checks during ALTER ROLE/DATABASE SET, rather ... than during define_custom_variable(). This entails rejecting an ALTER command if the target variable doesn't have a known (non-placeholder) definition, unless the calling user is superuser. When the variable *is* known, we can correctly apply the rule that only superusers can issue ALTER for SUSET parameters. This allows define_custom_variable to apply ALTER's values for SUSET parameters at module load time, secure in the knowledge that only a superuser could have set the ALTER value. This change fixes a longstanding gotcha in the usage of SUSET-level custom parameters; which is a good thing to fix now that plpgsql defines such a parameter.		2010-04-21 20:54:19 +00:00
..
sgml	Enforce superuser permissions checks during ALTER ROLE/DATABASE SET, rather	2010-04-21 20:54:19 +00:00
Makefile	Ship documentation without intermediate tarballs	2009-08-09 22:47:59 +00:00