Revert "Avoid race condition between "GRANT role" and "DROP ROLE"".

This reverts commit 98fc31d649. That change allowed DROP OWNED BY to drop grants of the target role to other roles, arguing that nobody would need those privileges anymore. But that's not so: if you're not superuser, you still need admin privilege on the target role so you can drop it. It's not clear whether or how the dependency-based approach to solving the original problem can be adapted to keep these grants. Since v18 release is fast approaching, the sanest thing to do seems to be to revert this patch for now. The race-condition problem is low severity and not worth taking risks for. I didn't force a catversion bump in 98fc31d64, so I won't do so here either. Reported-by: Dipesh Dhameliya <dipeshdhameliya125@gmail.com> Author: Tom Lane <tgl@sss.pgh.pa.us> Discussion: https://postgr.es/m/CABgZEgczOFicCJoqtrH9gbYMe_BV3Hq8zzCBRcMgmU6LRsihUA@mail.gmail.com Backpatch-through: 18
2025-10-25 13:17:41 +03:00 · 2025-09-16 13:05:53 -04:00
parent c044b50d19
commit 8abbbbae61
4 changed files with 7 additions and 63 deletions
--- a/doc/src/sgml/ref/drop_owned.sgml
+++ b/doc/src/sgml/ref/drop_owned.sgml
@@ -33,7 +33,7 @@ DROP OWNED BY { <replaceable class="parameter">name</replaceable> | CURRENT_ROLE
   database that are owned by one of the specified roles. Any
   privileges granted to the given roles on objects in the current
   database or on shared objects (databases, tablespaces, configuration
-   parameters, or other roles) will also be revoked.
+   parameters) will also be revoked.
  </para>
 </refsect1>