diff options
Diffstat (limited to 'doc/src')
| -rw-r--r-- | doc/src/sgml/ref/set_role.sgml | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/doc/src/sgml/ref/set_role.sgml b/doc/src/sgml/ref/set_role.sgml index 083e6dc6ea9..9557bb77aba 100644 --- a/doc/src/sgml/ref/set_role.sgml +++ b/doc/src/sgml/ref/set_role.sgml @@ -37,7 +37,10 @@ RESET ROLE written as either an identifier or a string literal. After <command>SET ROLE</command>, permissions checking for SQL commands is carried out as though the named role were the one that had logged - in originally. + in originally. Note that <command>SET ROLE</command> and + <command>SET SESSION AUTHORIZATION</command> are exceptions; permissions + checks for those continue to use the current session user and the initial + session user (the <firstterm>authenticated user</firstterm>), respectively. </para> <para> @@ -89,11 +92,6 @@ RESET ROLE </para> <para> - Note that when a superuser chooses to <command>SET ROLE</command> to a - non-superuser role, they lose their superuser privileges. - </para> - - <para> <command>SET ROLE</command> has effects comparable to <link linkend="sql-set-session-authorization"><command>SET SESSION AUTHORIZATION</command></link>, but the privilege checks involved are quite different. Also, |